last executing test programs: 1m18.286775056s ago: executing program 32 (id=910): r0 = socket$unix(0x1, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(r1, r1, r1) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 1m16.251290084s ago: executing program 2 (id=958): r0 = socket$netlink(0x10, 0x3, 0x8000000004) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x2) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="58000000140019234083feff040d8c560a06580200ff0000000000000020ffff00000000000064009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090c100000000200ffffffff", 0x58}], 0x1) 1m15.885370625s ago: executing program 2 (id=974): r0 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0200000000000000680200000000000005000000000000e6"]) 1m15.754797003s ago: executing program 2 (id=977): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000ddff00850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) fchmodat(0xffffffffffffffff, 0x0, 0x0) 1m15.742745273s ago: executing program 2 (id=978): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000001080), 0x1, 0x4f7, &(0x7f0000000540)="$eJzs3c9vI1cdAPDvTOJNmqZNCpUKCOhSCgtarZ1426jqqVxAqKqEqDhxSEPijaLYcRQ7pQkrNfkfkKjEAcGJMwckDpV64ojgBre9LAekBVagDRIHo/GPbHZjJ2HXsVX785FGM2/eeL7vrTXveb9J/AIYW1cj4iAirkTEexEx1z6ftLd4q7Vl1z24f3v16P7t1SQajXf/kTTrs3Nx4jWZZ9v3nI6I738n4kfJ6bi1vf3NlXK5tNMuF+qV7UJtb//GRmVlvbRe2ioWlxaXFt64+Xqxb319ufKbe9/eePsHH//uS3f/dPDNn2TNmm3XnexHP7W6njuOk5mMiLcvI9gQTLT7c2XYDeGJpBHxmYh4pfn8z8VE8928mC6PNQDwKdBozEVj7mQZABh1aTMHlqT5di5gNtI0n2/l8F6MmbRcrdWv36rubq21cmXzkUtvbZRLC+1c4Xzkkqy8+GF2/LBcjEfLNyPihYj46dQzzXJ+9eJ5BgCgv559bP7/91Rr/gcARtz0eRcsD6YdAMDgnDv/AwAjx/wPAOPH/A8A48f8DwDjx/wPAOPmTmf+nxh2SwCAgfjeO+9kW+Oo/f3Xa+/v7W5W37+xVqpt5iu7q/nV6s52fr1aXS+X8qvVynn3K1er24uvxe4HhXqpVi/U9vaXK9Xdrfpy83u9l0u5gfQKADjLCy9/8pckIg7efKa5xYm1HMzVMNrSYTcAGBo5fxhfvoUbxpf/4wPnreXZ81eEP3qCYI0Pn+BFQL9d+7z8P4wr+X8YX/L/ML7k/2F8NRpJrzX/0+NLAICRIscPDPTn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAiZpvb/IlymubzEc9FxHzkklsb5dJCRDwfEX+eyk1l5cWhthgAeHrp35L2+l/X5l6dfbz2SvKfqeY+In7883d/9sFKvb6zmJ3/5/H5+kft88VhtB8AOE9nnu7M4x0P7t9e7WyDbM+9b7UWF83iHrW3Vs1kTGa7P05HLiJm/pW0ym3Z55WJPsQ/OIyIz3Xrf9LMjcy3Vz59PH4W+7mBxk8fiZ8261r77N/is6fuPNUz5nlrvcK4+CQbf97q9vylcbW5n+66+PF0c4R6ep3x7+jU+Nd53qebY0238e/qRWO89vvv9qw7jPjCZLf4yXH8pEf8Vy8Y/84Xv/xKr7rGLyOuRff4J2MV6pXtQm1v/8ZGZWW9tF7aKhaXFpcW3rj5erHQzFEXOpnq0/7+5vXne/b/1xEzPeJPn9P/r53Z68bxAPyr/773w6/0in8Y8Y2vdn//XzwjfjYnfv3M+A+tzPy25/LdWfy1Vv8P/9/3//oF49/96/7aBS8FAAagtre/uVIul3b6epCLPt/wxEFySW12MOIH2efxp73PS+2UWddr/vCLj1/KKofe074cDHlgAi7dw4d+2C0BAAAAAAAAAAAAAAB6ufQ/J0qH3UMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG2f8CAAD//zwQyy8=") syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000380)='./file0\x00', 0x10e, &(0x7f0000000140)={[{@inlinecrypt}, {@nodelalloc}, {@jqfmt_vfsold}, {@bh}, {@block_validity}, {@quota}]}, 0xb, 0x460, &(0x7f0000001380)="$eJzs289vFFUcAPDvzLZg+WEr4g9+qFU0Nv5oaUHl4EGNJh40MfGCx9oWgizU0JoIIYrG4NGQeDceTfwLPOnFqCcTr3o3JMRwEU1M1szuDLs77C4U2i5lP59k4L2d17733Tdv9715nQAG1nj2TxKxLSJ+j4jRRra9wHjjvyuXz879c/nsXBK12tt/JfVyf18+O1cULX5ua56ZSCPSz5LY06HepdNnjs9Wqwun8vzU8on3p5ZOn3n22InZowtHF07OHDp08MD0C8/PPHeDkfxX63X2nqytuz9a3Lvr9XcuvDl3+MK7P3+bFPGX4lgl471OPlHr2dwNZ3tLOhnqY0NYkUpEZN01XB//o1GJZueNxmuf9rVxwJqq5bqcPlcD7mBJ9LsFQH8UX/TZ+rc41m/20X+XXm4sgLK4r+RH48xQpNFYGA2X1reraTwiDp/796vsiLW5DwEA0Ob7bP7zTKf5Xxr3t5S7O98bGsv3UnZExL0RsTMi7ouol30gIh5cYf3lTZJr5z/pxZsK7AZl878X872t9vlfWhQZq+S57fXMcHLkWHVhf/6eTMTw5iw/3aOOH1797Ytu51rnf9mR1V/MBfN2XBza3P4z87PLs7cSc6tLn0TsHuoUf3J1JyCJiF0Rsfsm6zj21Dd7u50rxT/SvvlY9lJ7dhX2mWpfRzzZ6P9zUYq/kPTen5y6K6oL+6eKq+Jav/x6/q1u9V+//9dW1v9bOl7/V+MfS1r3a5dWXsf5Pz7vuqaZXPH1vyk65T6cXV4+NR2xKXmj0ejW12ea5Yt8UT6Lf2Jf5/G/I5rvxJ6IyC7ihyLi4Yh4JO+7RyPisYjYVw4sbSZ/euXx95q59gv8duj/+VL/j7UXKfV/M7Epyq90TlSO//hd+29sJm/s8+9gPTWRv5J9/l1v97y1FUmPBt7auwcAAAAbQxoR2yJJJ6+m03RysvE3/DtjS1pdXFp++sjiByfnG88IjMVwWtzpatwPbtwPnc6X9UV+ppQ/kN83/rIyUs9Pzi1W5/sdPAy4rV3Gf+bPSr9bB6w5z2vB4DL+YXAZ/zC4jH8YXB3G/0g/2gGsv07f/x83k7XR9WwMsK5K49+2HwwQ638YXMY/DK7W8d/z+XvgTrI0Er0f3h+ARHp7NGODJSLtW+3pqv/mZI1Hwbb+99dKE/3+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFgd/wcAAP//nHbk3g==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x1304825, &(0x7f0000000140)='usrjquota=') 1m15.599744752s ago: executing program 2 (id=985): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) unlink(0x0) 1m15.442947601s ago: executing program 2 (id=991): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000680)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00U\x00=\t\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00', @ANYRES32=r2, @ANYBLOB="20000280", @ANYRES32=r0, @ANYBLOB="0000000000000000000000000a000000000000000000001420000100", @ANYRES32, @ANYBLOB="00000000ac1404ae00000000000000000000000086dd"], 0x58}}, 0x0) 1m15.386912874s ago: executing program 33 (id=991): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000680)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00U\x00=\t\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00', @ANYRES32=r2, @ANYBLOB="20000280", @ANYRES32=r0, @ANYBLOB="0000000000000000000000000a000000000000000000001420000100", @ANYRES32, @ANYBLOB="00000000ac1404ae00000000000000000000000086dd"], 0x58}}, 0x0) 1m14.222062402s ago: executing program 0 (id=1027): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newqdisc={0x90, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x60, 0x2, {{}, [@TCA_NETEM_LOSS={0x4, 0xd, 0x0, 0x1, [@NETEM_LOSS_GI={0x18}, @NETEM_LOSS_GE={0x14}, @NETEM_LOSS_GE={0x11}]}]}}}]}, 0x90}}, 0x0) 1m14.175689665s ago: executing program 0 (id=1030): ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00'}) r0 = fsopen(&(0x7f0000000000)='debugfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='rootcontext', &(0x7f0000000040)='E\xe1\x85\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 1m14.158782406s ago: executing program 0 (id=1031): r0 = syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0) wait4(r0, 0x0, 0x80000000, &(0x7f0000000100)) ptrace(0x10, r0) wait4(r0, 0x0, 0xa0000009, 0x0) 1m14.057452632s ago: executing program 0 (id=1035): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000001080), 0x1, 0x4f7, &(0x7f0000000540)="$eJzs3c9vI1cdAPDvTOJNmqZNCpUKCOhSCgtarZ1426jqqVxAqKqEqDhxSEPijaLYcRQ7pQkrNfkfkKjEAcGJMwckDpV64ojgBre9LAekBVagDRIHo/GPbHZjJ2HXsVX785FGM2/eeL7vrTXveb9J/AIYW1cj4iAirkTEexEx1z6ftLd4q7Vl1z24f3v16P7t1SQajXf/kTTrs3Nx4jWZZ9v3nI6I738n4kfJ6bi1vf3NlXK5tNMuF+qV7UJtb//GRmVlvbRe2ioWlxaXFt64+Xqxb319ufKbe9/eePsHH//uS3f/dPDNn2TNmm3XnexHP7W6njuOk5mMiLcvI9gQTLT7c2XYDeGJpBHxmYh4pfn8z8VE8928mC6PNQDwKdBozEVj7mQZABh1aTMHlqT5di5gNtI0n2/l8F6MmbRcrdWv36rubq21cmXzkUtvbZRLC+1c4Xzkkqy8+GF2/LBcjEfLNyPihYj46dQzzXJ+9eJ5BgCgv559bP7/91Rr/gcARtz0eRcsD6YdAMDgnDv/AwAjx/wPAOPH/A8A48f8DwDjx/wPAOPmTmf+nxh2SwCAgfjeO+9kW+Oo/f3Xa+/v7W5W37+xVqpt5iu7q/nV6s52fr1aXS+X8qvVynn3K1er24uvxe4HhXqpVi/U9vaXK9Xdrfpy83u9l0u5gfQKADjLCy9/8pckIg7efKa5xYm1HMzVMNrSYTcAGBo5fxhfvoUbxpf/4wPnreXZ81eEP3qCYI0Pn+BFQL9d+7z8P4wr+X8YX/L/ML7k/2F8NRpJrzX/0+NLAICRIscPDPTn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAiZpvb/IlymubzEc9FxHzkklsb5dJCRDwfEX+eyk1l5cWhthgAeHrp35L2+l/X5l6dfbz2SvKfqeY+In7883d/9sFKvb6zmJ3/5/H5+kft88VhtB8AOE9nnu7M4x0P7t9e7WyDbM+9b7UWF83iHrW3Vs1kTGa7P05HLiJm/pW0ym3Z55WJPsQ/OIyIz3Xrf9LMjcy3Vz59PH4W+7mBxk8fiZ8261r77N/is6fuPNUz5nlrvcK4+CQbf97q9vylcbW5n+66+PF0c4R6ep3x7+jU+Nd53qebY0238e/qRWO89vvv9qw7jPjCZLf4yXH8pEf8Vy8Y/84Xv/xKr7rGLyOuRff4J2MV6pXtQm1v/8ZGZWW9tF7aKhaXFpcW3rj5erHQzFEXOpnq0/7+5vXne/b/1xEzPeJPn9P/r53Z68bxAPyr/773w6/0in8Y8Y2vdn//XzwjfjYnfv3M+A+tzPy25/LdWfy1Vv8P/9/3//oF49/96/7aBS8FAAagtre/uVIul3b6epCLPt/wxEFySW12MOIH2efxp73PS+2UWddr/vCLj1/KKofe074cDHlgAi7dw4d+2C0BAAAAAAAAAAAAAAB6ufQ/J0qH3UMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG2f8CAAD//zwQyy8=") syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000380)='./file0\x00', 0x10e, &(0x7f0000000140)={[{@inlinecrypt}, {@nodelalloc}, {@jqfmt_vfsold}, {@bh}, {@block_validity}, {@quota}]}, 0xb, 0x460, &(0x7f0000001380)="$eJzs289vFFUcAPDvzLZg+WEr4g9+qFU0Nv5oaUHl4EGNJh40MfGCx9oWgizU0JoIIYrG4NGQeDceTfwLPOnFqCcTr3o3JMRwEU1M1szuDLs77C4U2i5lP59k4L2d17733Tdv9715nQAG1nj2TxKxLSJ+j4jRRra9wHjjvyuXz879c/nsXBK12tt/JfVyf18+O1cULX5ua56ZSCPSz5LY06HepdNnjs9Wqwun8vzU8on3p5ZOn3n22InZowtHF07OHDp08MD0C8/PPHeDkfxX63X2nqytuz9a3Lvr9XcuvDl3+MK7P3+bFPGX4lgl471OPlHr2dwNZ3tLOhnqY0NYkUpEZN01XB//o1GJZueNxmuf9rVxwJqq5bqcPlcD7mBJ9LsFQH8UX/TZ+rc41m/20X+XXm4sgLK4r+RH48xQpNFYGA2X1reraTwiDp/796vsiLW5DwEA0Ob7bP7zTKf5Xxr3t5S7O98bGsv3UnZExL0RsTMi7ouol30gIh5cYf3lTZJr5z/pxZsK7AZl878X872t9vlfWhQZq+S57fXMcHLkWHVhf/6eTMTw5iw/3aOOH1797Ytu51rnf9mR1V/MBfN2XBza3P4z87PLs7cSc6tLn0TsHuoUf3J1JyCJiF0Rsfsm6zj21Dd7u50rxT/SvvlY9lJ7dhX2mWpfRzzZ6P9zUYq/kPTen5y6K6oL+6eKq+Jav/x6/q1u9V+//9dW1v9bOl7/V+MfS1r3a5dWXsf5Pz7vuqaZXPH1vyk65T6cXV4+NR2xKXmj0ejW12ea5Yt8UT6Lf2Jf5/G/I5rvxJ6IyC7ihyLi4Yh4JO+7RyPisYjYVw4sbSZ/euXx95q59gv8duj/+VL/j7UXKfV/M7Epyq90TlSO//hd+29sJm/s8+9gPTWRv5J9/l1v97y1FUmPBt7auwcAAAAbQxoR2yJJJ6+m03RysvE3/DtjS1pdXFp++sjiByfnG88IjMVwWtzpatwPbtwPnc6X9UV+ppQ/kN83/rIyUs9Pzi1W5/sdPAy4rV3Gf+bPSr9bB6w5z2vB4DL+YXAZ/zC4jH8YXB3G/0g/2gGsv07f/x83k7XR9WwMsK5K49+2HwwQ638YXMY/DK7W8d/z+XvgTrI0Er0f3h+ARHp7NGODJSLtW+3pqv/mZI1Hwbb+99dKE/3+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFgd/wcAAP//nHbk3g==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x1304825, &(0x7f0000000140)='usrjquota=') 1m13.804743866s ago: executing program 0 (id=1037): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x256c, 0x6d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000001440)={0x24, 0x0, 0x0, &(0x7f00000013c0)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0x0, "741cb976"}]}}, 0x0}, 0x0) syz_usb_control_io(r0, &(0x7f0000000280)={0x2c, 0x0, &(0x7f0000000100)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0) 1m13.57464169s ago: executing program 0 (id=1039): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000000)={@my=0x0}) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000140)={@my=0x1}) 1m13.520155993s ago: executing program 34 (id=1039): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000000)={@my=0x0}) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000140)={@my=0x1}) 37.252493513s ago: executing program 1 (id=2402): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000040)={0x1, 0x0, [{0x1, 0xfffffffc, 0x2, 0x7fff, 0x8, 0xfffffbff, 0x5404bf99}]}) 37.174990868s ago: executing program 1 (id=2404): unshare(0x42000000) syz_io_uring_setup(0x0, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/igmp6\x00') preadv(r0, &(0x7f0000002400)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1, 0x39c5, 0x0) 37.164377478s ago: executing program 1 (id=2406): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'pim6reg0\x00', 0x2}) ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0x3) ioctl$TUNSETLINK(r0, 0x400454cd, 0x324) 37.032421006s ago: executing program 1 (id=2411): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x42) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 36.998752728s ago: executing program 1 (id=2413): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000080)={0x0, 0x6}) ioctl$MON_IOCH_MFLUSH(r0, 0x9208, 0x0) 36.922821712s ago: executing program 1 (id=2415): io_setup(0x3, &(0x7f0000000000)=0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES64=r0], 0x48) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) io_submit(r0, 0x1, &(0x7f00000009c0)=[0x0]) 36.922742292s ago: executing program 35 (id=2415): io_setup(0x3, &(0x7f0000000000)=0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES64=r0], 0x48) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) io_submit(r0, 0x1, &(0x7f00000009c0)=[0x0]) 35.432625039s ago: executing program 5 (id=2464): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10) readlinkat(0xffffffffffffff9c, 0x0, 0x0, 0x0) 35.432353749s ago: executing program 5 (id=2465): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4) sendmsg$inet6(r0, &(0x7f0000000100)={&(0x7f0000000080)={0xa, 0x4e22, 0x1000000080000, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x1c, 0x0, 0x0, &(0x7f0000000040)=[@rthdrdstopts={{0x12, 0x29, 0x32, {0x3a}}}], 0x18}, 0x0) 35.428498939s ago: executing program 5 (id=2466): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000f447333de39c7095758218a68bc5142f0cb2229fa6c8b0d7c8126aee6d3def94cd964218564fb1d255bce6cef9bea8322326039744a98eead8c59bc75bb5b42123eef53ae4bc331b0ad09a8efc4175c484ad74df9158ff1882cdd83c97c03a35e91c30a0"], &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x64, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000006000000000000000000850000000f000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={0x0, r0}, 0x10) 35.383523942s ago: executing program 5 (id=2467): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000840)={[{@test_dummy_encryption}, {@init_itable}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x460, &(0x7f00000008c0)="$eJzs3MtvVNUfAPDvve2UX38FWxFf4KOKRuKjpYDKwoUaTVxgYqILXU7aQpAChtZESBOLC1wZY+LeuPRfcKUbY1yZuNW9ISGGjeBqzJ25t/NgZvpgpoPM55MMfM99zDnfuffMnHvPTAMYWtPZP0nE7oj4PSIma8XmDaZr/924vjp/8/rqfBKVyrt/JdXt/r6+Ol9sWuw30ViIJA60qXf54qUz5aWlxQt5eXbl7EezyxcvvXD6bPnU4qnFc0eOHz92dO7ll4682JM8JyLNo7c++OrtE1805d+SR49Md1v5dKXS4+oGa09DnIwOsCFsyUhEZIerVO3/kzES9YM3GW9+tl74dEANBPqmUqlUJjqvXqsAd7Ekmsu6PAyL4oO+uP5tdx38at9GH4N37bXaBVCW9438UVszun7HoNRyfdtL0xHx/to/32SP6M99CACAJj9k45/ns9HO6nw29qiPP9J4oGG7e/K5oamIuDci9kbEfXEu9kXE/RHVbR+MiIe2WH/rJMmt45/06rYS26Rs/PdKPrfVPP4rRn8xNZKX9lTzLyUnTy8tHs5fk0NR2pWV57rU8eMbv33ZaV3j+C97ZPUXY8G8HVdHdzXvs1BeKd9Ozo2uXY7YP9ou/2R9JiCJiIcjYn+7J0g3ruP0s9890mndxvl30YN5psq3Ec/Ujv9atORfSLrPT87+L5YWD88WZ8Wtfvn1yjud6r+t/HsgO/7/b3v+r+c/lTTO1y5vvY4rf3ze8ZpmO+f/WnmlPJa8V43H8mWflFdWLsxFjCUnao1uXH6kvm9RLrbP8j90sH3/3xv1V+JARGQn8aMR8VhEPJ63/YmIeDIiDnbJ/+fXn/qwddn4pvPvryz/hS0d/3owFq1L2gcjZ376vqnSqXqY53+z+/E/Vo0O5Us28/63mXZt72wGAACA/540InZHks6sx2k6M1P7Dv++iHTp/PLKcyfPf3xuofYbgakopcWdrsmG+6Fz+WV9rXw5ImpfLSjWH420et/465Hxanlm/vzSwqCThyE30aH/Z/4cGXTrgL7zey0YXvo/DK+u/b+0c+0Adt4t/b9rn9/V17YAO6vN5//4INoB7Lx2439/7weGQ0v/N+0HQ8T9fxhe+j8ML/0fhtLyeGz8I/muQfFM29z9rg2idEc0o29BpHdEMwR9Cgb7vgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAr/wYAAP//HtbacA==") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) getdents64(r0, 0x0, 0x480a) 35.311744016s ago: executing program 5 (id=2469): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) write$selinux_access(r1, &(0x7f00000004c0)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7570647077645f657865635f742073797374656d5f753a73797374656d5f723afaffffffffffffff3a73302030"], 0x56) 34.887193311s ago: executing program 5 (id=2486): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="000000000087fb00b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f00000004c0)='kmem_cache_free\x00', r0}, 0x18) socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r1, &(0x7f0000000180)={&(0x7f0000000700)=@name={0x1e, 0x2, 0x3, {{0x42}, 0x1}}, 0x10, 0x0}, 0x0) 34.853191492s ago: executing program 36 (id=2486): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="000000000087fb00b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f00000004c0)='kmem_cache_free\x00', r0}, 0x18) socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r1, &(0x7f0000000180)={&(0x7f0000000700)=@name={0x1e, 0x2, 0x3, {{0x42}, 0x1}}, 0x10, 0x0}, 0x0) 16.16844064s ago: executing program 6 (id=3095): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x2000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) gettid() 15.897921185s ago: executing program 6 (id=3104): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x215}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x1) r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000d00), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_LINK_GET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000700)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="030700000000000000000800000068000480040007801300010062726f6164636173742d6c696e6b00001900078008000300000000000800020000000000080003000000000008000200000000000800030000000000040004"], 0x7c}}, 0x0) 15.883344316s ago: executing program 6 (id=3106): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket(0x840000000002, 0x3, 0xff) sendmmsg$inet(r1, &(0x7f0000000900)=[{{&(0x7f0000000000)={0x2, 0x4e21, @rand_addr=0x64010102}, 0x10, 0x0, 0x0, &(0x7f00000003c0)=[@ip_ttl={{0x14}}], 0x18}}], 0x1, 0x0) 15.838603349s ago: executing program 6 (id=3107): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x14404, &(0x7f0000000240)={[{@nobh}, {@stripe={'stripe', 0x3d, 0xffff}}, {@dioread_nolock}]}, 0x1, 0x3f6, &(0x7f0000000cc0)="$eJzs3U1vG0UfAPD/bt7atE+TSs+Bl0sESERCJE3aApVAIuLCoT3RA0es2C1RnQYlRqJVxItA3EAC8QHgAHwEjnDgO8AZOEClCOVAys1o7V3bxHbapA6ukt9PGnlmd+2Z3cmsdyez4wCOrZmIeDkiRiLiXERM5cvTPMT7zZBtt7O9ufz39uZyEvX6a38mkeTLis9K8tdT+QfMphHpR0k83iPfjVu3b5Sq1cp6np6vrb41v3Hr9rMrq6XrleuVm4vPnb9w8eILlxafH9i+bq0mnzz1zeXfPvu4/PlPf3w/nZX3dL6ucz8GZSZmWsdkt0uDzmzITnTEk9EhFgQAgD2l+bX/aOP6fypGon3xNhWf/jjUwgEAAAADUa8XrwAAAMDRlbj3BwAAgCOuGAews725XIQhDkfgP7a1FBHTzfq/m4fmmtHWM71ju57vHaSZiHj1xJXFLMQhPYcNAAAAcJz9sNSc+K+7/y+NRzq2OxkRk8XcfgM0syvd3f+T3hlwlnTYWop4MSLudvX/pcUm0yN56n+NrsKx5NpKtXIuIs5ExGyMTWTphT3yePeJG9/2W9fZ//flr68vZPlnr+0t0jujE/9+T7lUKz3IPtO29UHEY6O96j9p9fl2zpN5EG+s7LzUb11W/1l9F6G7/jlM9a8inu7Z/tszlyZ7z8863zgfzOdnhYnuPH45/fWH/fLvbP9ZyPIv/hfA4cva/+Te9d+YJ7c1X+/G/vP47q8rP/dbd+/6733+H0+uNgo4ni97p1SrrS9EjCeXu5f7a2opjkdxvLL6n32y9/d/cf2X5N/9Zzrmh96PV947e7XfOu1/uLL6L++r/e8/8ubko7P98r+/9n+hUZjiQ1z/3dv9VtCwywkAAAAAAADAYKSNsX1JOteKp+ncXHOc7/9jMq2ubdSeubb29s1ycwzgdIylxfjPqY7xoAvNx8hb6cVd6fMRcTYivpg62UjPLa9Vy8PeeQAAADgmTrXv/xs//F/c/2d+P8jDHgAAAMDDaXrYBQAAAAAOnft/AAAAONIeZF7/amW9+ImgA75dRETk4YwM+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcMz9EwAA///S0b+d") mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0) mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000200), 0x0, 0x0) unlink(&(0x7f00000000c0)='./file0/file0\x00') 15.759922303s ago: executing program 6 (id=3113): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2041, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x4) writev(r0, &(0x7f0000002740)=[{&(0x7f0000000280)="a2b0f06f309b", 0x6}, {0x0}], 0x2) 15.278537451s ago: executing program 6 (id=3126): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="480000001400010000000000000000000a00a100", @ANYRES32=r2, @ANYBLOB="14000100ff050000000000000000000000000001080008000204"], 0x48}}, 0x0) 15.278334501s ago: executing program 37 (id=3126): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="480000001400010000000000000000000a00a100", @ANYRES32=r2, @ANYBLOB="14000100ff050000000000000000000000000001080008000204"], 0x48}}, 0x0) 2.114558177s ago: executing program 7 (id=3578): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x8, 0x1, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x802, 0x0) ioctl$UI_DEV_DESTROY(r2, 0x5502) 2.020484983s ago: executing program 7 (id=3580): r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e8, 0x0, 0x168, 0x10, 0x190, 0xb, 0x418, 0x250, 0x250, 0x418, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [0xff6a], [0xff, 0x0, 0xff], 'erspan0\x00', 'veth0_to_bond\x00', {}, {0xff}, 0x3a, 0xb6, 0x0, 0x61}, 0x6000000, 0x128, 0x190, 0x0, {0x0, 0x28e}, [@inet=@rpfilter={{0x28}, {0x1}}, @common=@inet=@hashlimit1={{0x58}, {'netdevsim0\x00', {0x0, 0x0, 0x6000000, 0x1, 0xfffffffc, 0x10000, 0x80000001}, {0xc}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0xfffffffc, 0x10000, '\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x160, 0x288, 0x0, {}, [@common=@unspec=@conntrack1={{0xb8}, {{@ipv4=@dev={0xac, 0x14, 0x14, 0x31}, [0xffffffff, 0xe704d5fd47b14c6a, 0xffffffff], @ipv4=@private=0xa010102, [0xffffffff, 0xff, 0xffffffff, 0xff000000], @ipv6=@dev={0xfe, 0x80, '\x00', 0x3e}, [0xff000000, 0x0, 0xff000000, 0xff000000], @ipv6=@empty, [0xff, 0x0, 0xff, 0xff000000], 0x7, 0x2, 0x29, 0x4e22, 0x4e22, 0x4e20, 0x4e24, 0x102, 0x1220}, 0x1, 0x4}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:apt_exec_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x548) 1.950862257s ago: executing program 9 (id=3584): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFC_CMD_GET_TARGET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0x0) syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r0) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r0) sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={0x28, r1, 0x1, 0x70bd28, 0xfffffffe, {0x1c}, [@NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan0\x00'}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0xfffffffffffffffe}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x0) 1.949061687s ago: executing program 9 (id=3585): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x88200, 0x0) ioctl$TCXONC(r0, 0x540a, 0x2) ppoll(&(0x7f0000000080)=[{r0, 0x20}], 0x1, 0x0, 0x0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000000)=0xb) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000180)={0xf, 0x9, 0x400, 0x100, 0x16, "96bf4f00"}) 1.947473937s ago: executing program 7 (id=3586): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = creat(&(0x7f0000000000)='./file0\x00', 0x0) dup3(r0, r2, 0x0) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) shutdown(r0, 0x0) 1.882851391s ago: executing program 7 (id=3588): r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) close(r0) socket(0x28, 0x80805, 0x0) r1 = epoll_create1(0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000640), 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 1.095155187s ago: executing program 9 (id=3590): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002880)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) io_setup(0x6, &(0x7f0000002140)=0x0) read$FUSE(r0, &(0x7f0000002900)={0x2020}, 0x2020) io_submit(r1, 0x1, &(0x7f0000000a40)=[&(0x7f0000002180)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) 1.03129483s ago: executing program 7 (id=3592): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0) r1 = epoll_create(0x3) epoll_pwait2(r1, &(0x7f00000001c0)=[{}], 0x1, &(0x7f0000000180)={0x0, 0x3938700}, 0x0, 0x0) 944.455265ms ago: executing program 7 (id=3593): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00220f00000007c9c0d224d326b9a7ab"], 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000180), 0x0, 0x80200) ioctl$HIDIOCSUSAGE(r1, 0x4018480c, &(0x7f0000000240)={0x1, 0x2, 0x6, 0x6, 0x5, 0x4}) 266.425755ms ago: executing program 8 (id=3628): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10) setpgid(0x0, 0x0) 254.874025ms ago: executing program 8 (id=3629): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10) r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x301) ioctl$USBDEVFS_REAPURB(r1, 0x4004550c, 0x0) ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {}, 0x0, 0x40, &(0x7f0000000000)={0x4b5a9da54893e123, 0x14, 0x8, 0x2}, 0x8, 0x7, 0x200, 0x0, 0x0, 0x20000, 0x0}) 218.061068ms ago: executing program 4 (id=3631): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2542, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x1, 0xfe, 0x1, 0x2, 0x6, 0xfe, 0x4, 0x6, 0xfc, 0x7f, 0x4, 0xe4, 0x10, 0x0, 0x4, 0x3}}) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000001c0)={0x1, 0x0, @pic={0x4, 0x2, 0x9, 0x8, 0x8, 0x5, 0xa3, 0x8, 0x2e, 0xfc, 0x4, 0x0, 0x1, 0x3, 0xe4, 0xf}}) 188.698229ms ago: executing program 9 (id=3632): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x450, 0x0, 0x1acc02, 0x148, 0x0, 0x10, 0x3b8, 0x2a8, 0x2a8, 0x3b8, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x40000, 0x2f8, 0x320, 0x0, {0x0, 0x5803}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x9, 0x1, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x10, './file0\x00'}}]}, @common=@inet=@SET1={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@inet=@SET1={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4b0) 180.60947ms ago: executing program 3 (id=3633): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) write$tun(r0, &(0x7f00000001c0)=ANY=[], 0x92) 172.76988ms ago: executing program 4 (id=3634): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = socket$inet_tcp(0x2, 0x1, 0x0) close(r1) pipe(&(0x7f00000003c0)) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000840)={r0, &(0x7f0000000240), &(0x7f0000000080)=@tcp=r1}, 0x20) 156.990401ms ago: executing program 8 (id=3635): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x11) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000200)={{0x7, 0xe339, 0x1, 0xff}, 'syz0\x00', 0x15}) ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0xf) ioctl$UI_DEV_CREATE(r0, 0x5501) 147.256662ms ago: executing program 4 (id=3636): pipe2(&(0x7f0000001cc0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000007f1600850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid}]}}) 132.976782ms ago: executing program 9 (id=3637): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000040)=@x86={0xb9, 0x5, 0x6, 0x0, 0x3, 0x2, 0x6c, 0x75, 0xa, 0x3, 0x4, 0x0, 0x0, 0x4, 0x4, 0x2, 0x1, 0x2, 0x7, '\x00', 0x9a, 0x400}) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x8040ae9f, &(0x7f0000000280)=@arm64) 98.272894ms ago: executing program 9 (id=3638): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0) close(r0) 97.808225ms ago: executing program 3 (id=3648): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10) inotify_init() 93.567655ms ago: executing program 8 (id=3639): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x48, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x6, 0x2}, {0x0, 0x9}, {0x0, 0xa}}, [@TCA_CHAIN={0x8}, @filter_kind_options=@f_bpf={{0x8}, {0xc, 0x2, [@TCA_BPF_CLASSID={0x8, 0x3, {0x2, 0xfff1}}]}}, @TCA_RATE={0x6, 0x5, {0x4, 0x10}}]}, 0x48}, 0x1, 0x0, 0x0, 0x91}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000880)=@delqdisc={0xc4, 0x25, 0x100, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0x0, 0xd}, {0xa, 0x4}}, [@TCA_RATE={0x6, 0x5, {0x1, 0xb9}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x81}, @qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_TARGET={0x8}]}}, @TCA_STAB={0x78, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x4, 0x7, 0x5, 0xa, 0x1, 0x8d6, 0x100, 0x3}}, {0xa, 0x2, [0x6, 0x0, 0x3]}}, {{0x1c, 0x1, {0x7, 0x33, 0x1, 0xffff8000, 0x2, 0x10001, 0x7, 0x1}}, {0x6, 0x2, [0x7]}}, {{0x1c, 0x1, {0x9, 0x1, 0x6, 0x4, 0x2, 0x7fff, 0xffff, 0x3}}, {0xa, 0x2, [0x1, 0x40, 0xff]}}]}]}, 0xc4}}, 0x40001) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f00000001c0)=""/17, 0x1d8}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x45}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f0000000280)=""/85, 0x7c}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 47.811458ms ago: executing program 3 (id=3640): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0a000000030000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) select(0x40, &(0x7f0000000340)={0xd, 0x0, 0x0, 0x0, 0x0, 0x2e787ec3, 0x0, 0x1}, 0x0, 0x0, 0x0) 47.556937ms ago: executing program 8 (id=3641): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x21ee, 0x4) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000000)=0x5, 0x4) sendmmsg$inet(r0, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000001540)="94", 0xffe3}], 0x1}}], 0x1, 0x4000800) recvfrom(r0, &(0x7f0000000200)=""/131, 0xf92e58a67d38802c, 0x2101, 0x0, 0x0) 47.392058ms ago: executing program 4 (id=3642): sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="b800000019000800fcffffff00000000ac14142c000000000000000000000000fe8000000000000000000000000000aa000000004e2400000a00000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000104000000000010fe"], 0xb8}}, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="0213f803030000002cbd7000fddbdf2501"], 0x18}}, 0x2000) 47.140358ms ago: executing program 3 (id=3643): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x4, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@call={0x85, 0x0, 0x0, 0x2e}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$ENABLE_STATS(0x20, 0x0, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r2, 0x4) sendmsg$unix(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x50) 26.020719ms ago: executing program 4 (id=3644): r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18) writev(r0, &(0x7f0000000040)=[{&(0x7f0000002500)='\f7', 0x2}], 0x1) 25.651209ms ago: executing program 8 (id=3645): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000100)={{0xffff, 0xfffe}, 'syz0\x00', 0x4}) ioctl$UI_DEV_CREATE(r1, 0x5501) 501.4µs ago: executing program 3 (id=3646): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e000000080000000000180003801400038010"], 0x44}}, 0x0) 258.741µs ago: executing program 4 (id=3647): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000820000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bridge0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="680000001c000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="4000ba000a000200aa"], 0x68}}, 0x0) 0s ago: executing program 3 (id=3649): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, 0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10) setpgid(0x0, 0x0) kernel console output (not intermixed with test programs): 406: comm syz.3.2167: couldn't read orphan inode 15 (err -117) [ 86.127469][ T5342] EXT4-fs (loop6): 1 truncate cleaned up [ 86.132956][ T5342] EXT4-fs (loop6): mounted filesystem without journal. Opts: jqfmt=vfsold,resgid=0x000000000000ee00,noacl,noload,data_err=ignore,data_err=ignore,,errors=continue. Quota mode: none. [ 86.157905][ T5344] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobarrier,,errors=continue. Quota mode: writeback. [ 86.198504][ T5344] overlayfs: conflicting lowerdir path [ 86.216828][ T5359] serio: Serial port ptm0 [ 86.268655][ T5373] loop3: detected capacity change from 0 to 256 [ 86.281441][ T5346] loop7: detected capacity change from 0 to 40427 [ 86.297906][ T5346] F2FS-fs (loop7): fault_injection options not supported [ 86.305777][ T5346] F2FS-fs (loop7): invalid crc value [ 86.320442][ T5346] F2FS-fs (loop7): Found nat_bits in checkpoint [ 86.364248][ T5381] device veth1_to_batadv entered promiscuous mode [ 86.377267][ T5381] device macsec1 entered promiscuous mode [ 86.383875][ T5346] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 86.470445][ T4892] attempt to access beyond end of device [ 86.470445][ T4892] loop7: rw=2049, want=45104, limit=40427 [ 86.512967][ T5396] kvm [5395]: vcpu1, guest rIP: 0xfff0 unimplemented HWCR wrmsr: 0x93 [ 86.588146][ T5410] loop6: detected capacity change from 0 to 256 [ 86.627661][ T5410] exfat: Deprecated parameter 'namecase' [ 86.639675][ T5410] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x6dfb6af6, utbl_chksum : 0xe619d30d) [ 86.673600][ T30] kauditd_printk_skb: 134 callbacks suppressed [ 86.673618][ T30] audit: type=1400 audit(1739920134.007:2239): avc: denied { setopt } for pid=5423 comm="syz.7.2188" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 86.713072][ T5426] loop7: detected capacity change from 0 to 512 [ 86.729746][ T30] audit: type=1326 audit(1739920134.067:2240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5421 comm="syz.3.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89c68b4de9 code=0x7ffc0000 [ 86.765859][ T5426] EXT4-fs error (device loop7): ext4_orphan_get:1401: inode #15: comm syz.7.2202: casefold flag without casefold feature [ 86.785081][ T5426] EXT4-fs error (device loop7): ext4_orphan_get:1406: comm syz.7.2202: couldn't read orphan inode 15 (err -117) [ 86.785673][ T30] audit: type=1326 audit(1739920134.097:2241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5421 comm="syz.3.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89c68b4de9 code=0x7ffc0000 [ 86.809147][ T5426] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 86.842345][ T30] audit: type=1326 audit(1739920134.097:2242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5421 comm="syz.3.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7f89c68b4de9 code=0x7ffc0000 [ 86.865936][ T30] audit: type=1326 audit(1739920134.097:2243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5421 comm="syz.3.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89c68b4de9 code=0x7ffc0000 [ 86.891153][ T30] audit: type=1326 audit(1739920134.097:2244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5421 comm="syz.3.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89c68b4de9 code=0x7ffc0000 [ 86.931745][ T5439] bridge: RTM_DELNEIGH with unconfigured vlan 1 on bridge_slave_0 [ 86.939477][ T30] audit: type=1326 audit(1739920134.167:2245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5432 comm="syz.6.2205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e8e339de9 code=0x7ffc0000 [ 86.982741][ T30] audit: type=1326 audit(1739920134.167:2246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5432 comm="syz.6.2205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e8e339de9 code=0x7ffc0000 [ 87.007384][ T30] audit: type=1326 audit(1739920134.177:2247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5432 comm="syz.6.2205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e8e339de9 code=0x7ffc0000 [ 87.047237][ T30] audit: type=1326 audit(1739920134.177:2248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5432 comm="syz.6.2205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e8e339de9 code=0x7ffc0000 [ 87.085009][ T5450] netlink: 156 bytes leftover after parsing attributes in process `syz.5.2211'. [ 87.119415][ T5450] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2211'. [ 87.157324][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 87.210463][ T5464] loop5: detected capacity change from 0 to 512 [ 87.273394][ T5464] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback. [ 87.286198][ T5464] ext4 filesystem being mounted at /275/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 87.319268][ T20] kernel write not supported for file /121/attr/sockcreate (pid: 20 comm: kworker/0:1) [ 87.351845][ T5484] loop3: detected capacity change from 0 to 256 [ 87.367194][ T5486] input: syz1 as /devices/virtual/input/input17 [ 87.411316][ T5484] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 87.554269][ T5502] overlayfs: workdir and upperdir must be separate subtrees [ 87.568773][ T5420] loop1: detected capacity change from 0 to 131072 [ 87.598402][ T5420] F2FS-fs (loop1): QUOTA feature is enabled, so ignore jquota_fmt [ 87.607393][ T5420] F2FS-fs (loop1): invalid crc value [ 87.625574][ T5517] input: syz0 as /devices/virtual/input/input18 [ 87.631694][ T5420] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 87.669452][ T5420] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b [ 87.703081][ T5526] kvm [5525]: vcpu1, guest rIP: 0xfff0 unimplemented HWCR wrmsr: 0x93 [ 87.871545][ T5548] loop7: detected capacity change from 0 to 1024 [ 87.951677][ T5548] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:476: comm syz.7.2253: Invalid block bitmap block 0 in block_group 0 [ 87.987557][ T5548] EXT4-fs error (device loop7): ext4_acquire_dquot:6188: comm syz.7.2253: Failed to acquire dquot type 0 [ 88.004919][ T5548] EXT4-fs error (device loop7): ext4_free_blocks:6223: comm syz.7.2253: Freeing blocks not in datazone - block = 0, count = 4096 [ 88.057095][ T5548] EXT4-fs error (device loop7): ext4_read_inode_bitmap:140: comm syz.7.2253: Invalid inode bitmap blk 0 in block_group 0 [ 88.084912][ T5548] EXT4-fs error (device loop7) in ext4_free_inode:362: Corrupt filesystem [ 88.093451][ T311] EXT4-fs error (device loop7): ext4_release_dquot:6211: comm kworker/u4:3: Failed to release dquot type 0 [ 88.104945][ T5548] EXT4-fs (loop7): 1 orphan inode deleted [ 88.111580][ T5548] EXT4-fs (loop7): mounted filesystem without journal. Opts: ; sysvgroups,stripe=0x0000000000000000,auto_da_alloc,quota,nogrpid,norecovery,bsddf,noinit_itable,,errors=continue. Quota mode: writeback. [ 88.321278][ T5596] loop7: detected capacity change from 0 to 256 [ 88.340016][ T5598] loop3: detected capacity change from 0 to 128 [ 88.388285][ T5598] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 88.410855][ T5598] ext4 filesystem being mounted at /497/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 88.452390][ T5598] EXT4-fs (loop3): re-mounted. Opts: . Quota mode: none. [ 88.542549][ T5615] loop7: detected capacity change from 0 to 512 [ 88.610781][ T5625] loop3: detected capacity change from 0 to 512 [ 88.625259][ T5595] loop6: detected capacity change from 0 to 40427 [ 88.633044][ T5615] EXT4-fs (loop7): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback. [ 88.648583][ T5625] EXT4-fs (loop3): Test dummy encryption mode enabled [ 88.655306][ T5625] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 88.669597][ T5595] F2FS-fs (loop6): invalid crc value [ 88.675127][ T5615] ext4 filesystem being mounted at /72/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 88.698217][ T5625] EXT4-fs (loop3): 1 truncate cleaned up [ 88.703709][ T5625] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,journal_ioprio=0x0000000000000001,max_dir_size_kb=0x000000000000148a,,errors=continue. Quota mode: none. [ 88.746502][ T5595] F2FS-fs (loop6): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 88.780933][ T5595] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 88.954189][ T5670] loop3: detected capacity change from 0 to 512 [ 88.978520][ T5670] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 88.992404][ T5670] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000004,user_xattr,mblk_io_submit,nogrpid,usrjquota=,,errors=continue. Quota mode: none. [ 89.034407][ T5672] loop7: detected capacity change from 0 to 8192 [ 89.085642][ T5685] loop6: detected capacity change from 0 to 16 [ 89.107892][ T5685] erofs: (device loop6): mounted with root inode @ nid 36. [ 89.155170][ T5697] device bridge_slave_0 left promiscuous mode [ 89.161380][ T5697] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.231745][ T5711] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2325'. [ 89.513290][ T5731] loop7: detected capacity change from 0 to 512 [ 89.543940][ T5729] loop5: detected capacity change from 0 to 4096 [ 89.588003][ T5731] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem [ 89.615318][ T5731] EXT4-fs (loop7): invalid journal inode [ 89.636334][ T5729] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 89.643810][ T5731] EXT4-fs (loop7): can't get journal size [ 89.656383][ T5747] loop6: detected capacity change from 0 to 1024 [ 89.676071][ T5731] EXT4-fs (loop7): 1 truncate cleaned up [ 89.681769][ T5731] EXT4-fs (loop7): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none. [ 89.704940][ T5750] loop1: detected capacity change from 0 to 512 [ 89.718813][ T5747] EXT4-fs (loop6): Ignoring removed nobh option [ 89.733447][ T5747] EXT4-fs error (device loop6): ext4_ext_check_inode:501: inode #11: comm syz.6.2338: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 89.752128][ T5750] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 89.761739][ T5756] loop5: detected capacity change from 0 to 1024 [ 89.772749][ T5750] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000004,dioread_nolock,mblk_io_submit,nogrpid,usrjquota=,,errors=continue. Quota mode: none. [ 89.791455][ T5747] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.2338: couldn't read orphan inode 11 (err -117) [ 89.805488][ T5756] EXT4-fs (loop5): Ignoring removed nobh option [ 89.813270][ T5756] EXT4-fs (loop5): Ignoring removed bh option [ 89.819749][ T5756] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 89.827114][ T5747] EXT4-fs (loop6): mounted filesystem without journal. Opts: sysvgroups,noload,nobh,noload,journal_dev=0x0000000000000004,norecovery,errors=continue,quota,,errors=continue. Quota mode: writeback. [ 89.877547][ T5756] EXT4-fs (loop5): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback. [ 89.915414][ T5756] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:3876: comm syz.5.2340: Allocating blocks 497-513 which overlap fs metadata [ 89.927425][ T5747] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:476: comm syz.6.2338: Invalid block bitmap block 0 in block_group 0 [ 89.944520][ T5756] EXT4-fs (loop5): pa ffff888110d1c348: logic 128, phys. 385, len 8 [ 89.952411][ T5756] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:4893: group 0, free 0, pa_free 1 [ 89.963716][ T5768] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 90.006468][ T5747] EXT4-fs error (device loop6): ext4_acquire_dquot:6188: comm syz.6.2338: Failed to acquire dquot type 0 [ 90.021162][ T5769] EXT4-fs error (device loop6): ext4_read_inode_bitmap:140: comm syz.6.2338: Invalid inode bitmap blk 137438953472 in block_group 0 [ 90.060719][ T319] EXT4-fs error (device loop6): __ext4_get_inode_loc:4351: comm kworker/u4:4: Invalid inode table block 8589934593 in block_group 0 [ 90.357711][ T5809] fuse: Unknown parameter '0x0000000000000005' [ 90.797332][ T5849] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2383'. [ 90.826956][ T2009] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 90.898012][ T5865] loop1: detected capacity change from 0 to 128 [ 90.933611][ T5794] loop6: detected capacity change from 0 to 131072 [ 90.956164][ T5794] F2FS-fs (loop6): QUOTA feature is enabled, so ignore jquota_fmt [ 90.987280][ T5794] F2FS-fs (loop6): invalid crc value [ 90.999519][ T5882] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2399'. [ 91.008937][ T5882] sch_tbf: peakrate 4 is lower than or equals to rate 5 ! [ 91.023495][ T5794] F2FS-fs (loop6): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 91.069290][ T5794] F2FS-fs (loop6): Mounted with checkpoint version = 753bd00b [ 91.227865][ T2009] usb 6-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 91.241325][ T2009] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 91.255419][ T5903] pim6reg0: tun_chr_ioctl cmd 1074025677 [ 91.258060][ T2009] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.267141][ T5903] pim6reg0: linktype set to 804 [ 91.327739][ T2009] snd-usb-audio: probe of 6-1:27.0 failed with error -2 [ 91.451070][ T5922] tun0: tun_chr_ioctl cmd 1074025677 [ 91.457897][ T5922] tun0: linktype set to 776 [ 91.531285][ T39] usb 6-1: USB disconnect, device number 5 [ 91.612414][ T5923] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.619371][ T5923] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.626784][ T5923] device bridge_slave_0 entered promiscuous mode [ 91.635308][ T5923] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.642831][ T5923] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.650453][ T5923] device bridge_slave_1 entered promiscuous mode [ 91.677280][ T30] kauditd_printk_skb: 279 callbacks suppressed [ 91.677295][ T30] audit: type=1326 audit(1739920139.017:2523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5931 comm="syz.7.2421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 91.741832][ T30] audit: type=1326 audit(1739920139.047:2524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5931 comm="syz.7.2421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 91.774569][ T5923] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.775601][ T30] audit: type=1326 audit(1739920139.047:2525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5931 comm="syz.7.2421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 91.781598][ T5923] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.781721][ T5923] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.818632][ T5923] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.825309][ T30] audit: type=1326 audit(1739920139.047:2526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5931 comm="syz.7.2421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 91.850721][ T30] audit: type=1326 audit(1739920139.047:2527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5931 comm="syz.7.2421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 91.902778][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 91.918860][ T5940] loop3: detected capacity change from 0 to 256 [ 91.925597][ T319] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.932611][ T30] audit: type=1326 audit(1739920139.047:2528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5931 comm="syz.7.2421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 91.956152][ T319] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.984914][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 91.986629][ T30] audit: type=1326 audit(1739920139.047:2529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5931 comm="syz.7.2421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 91.993555][ T319] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.017429][ T5940] exfat: Deprecated parameter 'namecase' [ 92.022869][ T319] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.040511][ T5940] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 92.064269][ T30] audit: type=1400 audit(1739920139.397:2530): avc: denied { write } for pid=5939 comm="syz.3.2424" name="file1" dev="loop3" ino=1048750 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 92.064434][ T5940] exFAT-fs (loop3): error, tried to truncate zeroed cluster. [ 92.104565][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 92.113754][ T30] audit: type=1400 audit(1739920139.397:2531): avc: denied { open } for pid=5939 comm="syz.3.2424" name="file1" dev="loop3" ino=1048750 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 92.142628][ T319] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.149529][ T319] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.168465][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 92.177454][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 92.185022][ T30] audit: type=1400 audit(1739920139.447:2532): avc: denied { shutdown } for pid=5941 comm="syz.7.2425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 92.194139][ T5923] device veth0_vlan entered promiscuous mode [ 92.218980][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 92.237790][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 92.257428][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 92.265627][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 92.282094][ T5923] device veth1_macvtap entered promiscuous mode [ 92.299762][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 92.329012][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 92.348424][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 92.358902][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 92.367884][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 92.439730][ T5976] loop6: detected capacity change from 0 to 512 [ 92.459033][ T5976] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 92.471346][ T5976] EXT4-fs error (device loop6): ext4_orphan_get:1427: comm syz.6.2438: bad orphan inode 131083 [ 92.482506][ T5976] EXT4-fs (loop6): mounted filesystem without journal. Opts: stripe=0x000000000000003d,init_itable,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none. [ 92.652002][ T6013] loop5: detected capacity change from 0 to 1024 [ 92.689853][ T6019] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2458'. [ 92.700926][ T6019] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2458'. [ 92.718633][ T6013] EXT4-fs (loop5): Ignoring removed nobh option [ 92.725763][ T10] device veth1_macvtap left promiscuous mode [ 92.731697][ T6013] EXT4-fs (loop5): Ignoring removed bh option [ 92.742117][ T10] device veth0_vlan left promiscuous mode [ 92.751774][ T6013] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 92.769138][ T6013] EXT4-fs (loop5): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,errors=remount-ro,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,. Quota mode: writeback. [ 92.856301][ T6009] loop6: detected capacity change from 0 to 40427 [ 92.878036][ T6009] F2FS-fs (loop6): Invalid SB checksum offset: 0 [ 92.884275][ T6009] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock [ 92.893637][ T39] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 92.903898][ T6009] F2FS-fs (loop6): invalid crc value [ 92.916522][ T6009] F2FS-fs (loop6): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 92.951019][ T6043] loop5: detected capacity change from 0 to 512 [ 92.977257][ T6009] F2FS-fs (loop6): Try to recover 2th superblock, ret: 0 [ 92.984122][ T6009] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 92.989681][ T6043] EXT4-fs (loop5): Test dummy encryption mode enabled [ 92.998704][ T6043] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 93.022382][ T6043] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.2467: bad orphan inode 131083 [ 93.045793][ T2621] attempt to access beyond end of device [ 93.045793][ T2621] loop6: rw=2049, want=45104, limit=40427 [ 93.072728][ T6025] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2461'. [ 93.082766][ T6025] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2461'. [ 93.137543][ T6054] tipc: Trying to set illegal importance in message [ 93.267176][ T39] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 93.280027][ T6069] syz.6.2479[6069] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 93.280113][ T6069] syz.6.2479[6069] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 93.291636][ T39] usb 9-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 93.347129][ T39] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 93.367525][ T39] usb 9-1: config 0 descriptor?? [ 93.367757][ T6069] SELinux: Context system_u:object_r:cgroup_t:s0 is not valid (left unmapped). [ 93.402122][ T6079] loop7: detected capacity change from 0 to 512 [ 93.428657][ T6083] loop6: detected capacity change from 0 to 512 [ 93.460266][ T6083] EXT4-fs (loop6): Ignoring removed nobh option [ 93.469962][ T6083] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 93.506408][ T6079] EXT4-fs error (device loop7): ext4_do_update_inode:5205: inode #16: comm syz.7.2483: corrupted inode contents [ 93.518552][ T6083] EXT4-fs (loop6): can't mount with journal_async_commit, fs mounted w/o journal [ 93.557683][ T6079] EXT4-fs error (device loop7): ext4_dirty_inode:6041: inode #16: comm syz.7.2483: mark_inode_dirty error [ 93.569743][ T6079] EXT4-fs error (device loop7): ext4_do_update_inode:5205: inode #16: comm syz.7.2483: corrupted inode contents [ 93.582096][ T6079] EXT4-fs error (device loop7): __ext4_ext_dirty:183: inode #16: comm syz.7.2483: mark_inode_dirty error [ 93.593697][ T6079] EXT4-fs error (device loop7): ext4_do_update_inode:5205: inode #16: comm syz.7.2483: corrupted inode contents [ 93.609803][ T6083] netlink: 128 bytes leftover after parsing attributes in process `syz.6.2485'. [ 93.615804][ T6079] EXT4-fs error (device loop7) in ext4_orphan_del:305: Corrupt filesystem [ 93.627446][ T6079] EXT4-fs error (device loop7): ext4_do_update_inode:5205: inode #16: comm syz.7.2483: corrupted inode contents [ 93.639813][ T6079] EXT4-fs error (device loop7): ext4_truncate:4303: inode #16: comm syz.7.2483: mark_inode_dirty error [ 93.651267][ T6079] EXT4-fs error (device loop7) in ext4_process_orphan:347: Corrupt filesystem [ 93.660655][ T6079] EXT4-fs (loop7): 1 truncate cleaned up [ 93.666403][ T6079] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 93.676258][ T6081] loop3: detected capacity change from 0 to 40427 [ 93.683270][ T319] tipc: Subscription rejected, illegal request [ 93.727566][ T6095] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 93.739908][ T6095] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.746864][ T6095] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.755367][ T6081] F2FS-fs (loop3): Found nat_bits in checkpoint [ 93.795197][ T6088] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.818086][ T6088] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.828571][ T6081] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 93.837815][ T39] keytouch 0003:0926:3333.0007: fixing up Keytouch IEC report descriptor [ 93.842733][ T6088] device bridge_slave_0 entered promiscuous mode [ 93.854867][ T39] input: HID 0926:3333 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:0926:3333.0007/input/input20 [ 93.873882][ T6088] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.891377][ T6088] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.899232][ T6088] device bridge_slave_1 entered promiscuous mode [ 93.907426][ T289] attempt to access beyond end of device [ 93.907426][ T289] loop3: rw=2049, want=45104, limit=40427 [ 93.947273][ T39] keytouch 0003:0926:3333.0007: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.8-1/input0 [ 94.017749][ T6119] tmpfs: Unknown parameter '01777777777777777777777' [ 94.025542][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.047902][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.226065][ T6088] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.232967][ T6088] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.240083][ T6088] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.246939][ T6088] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.248688][ T312] usb 9-1: USB disconnect, device number 2 [ 94.312918][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 94.322945][ T311] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.337381][ T311] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.366586][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 94.394020][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 94.406609][ T311] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.413647][ T311] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.423438][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 94.434047][ T6163] loop7: detected capacity change from 0 to 512 [ 94.441694][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 94.450228][ T311] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.457100][ T311] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.464382][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 94.475102][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 94.491336][ T6150] loop6: detected capacity change from 0 to 40427 [ 94.507141][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 94.509151][ T6163] EXT4-fs mount: 2 callbacks suppressed [ 94.509170][ T6163] EXT4-fs (loop7): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback. [ 94.520755][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 94.536824][ T6163] ext4 filesystem being mounted at /143/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 94.557631][ T6150] F2FS-fs (loop6): fault_injection options not supported [ 94.564564][ T6150] F2FS-fs (loop6): fault_type options not supported [ 94.572013][ T6150] F2FS-fs (loop6): invalid crc value [ 94.583247][ T6088] device veth0_vlan entered promiscuous mode [ 94.591354][ T6150] F2FS-fs (loop6): Found nat_bits in checkpoint [ 94.598313][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 94.618617][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 94.638613][ T6150] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 94.645623][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 94.667359][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 94.675470][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 94.684103][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 94.698833][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 94.709455][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 94.733007][ T2621] attempt to access beyond end of device [ 94.733007][ T2621] loop6: rw=2049, want=45104, limit=40427 [ 94.744719][ T6088] device veth1_macvtap entered promiscuous mode [ 94.773335][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 94.781176][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 94.797313][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 94.825509][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 94.842568][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 94.872547][ T6193] loop3: detected capacity change from 0 to 256 [ 94.898197][ T6197] binfmt_misc: register: failed to install interpreter file ./file2 [ 94.929399][ T6193] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d) [ 94.948783][ T6203] loop9: detected capacity change from 0 to 128 [ 95.007433][ T6210] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 95.038848][ T6218] loop3: detected capacity change from 0 to 256 [ 95.205194][ T6252] loop8: detected capacity change from 0 to 256 [ 95.230174][ T6252] exFAT-fs (loop8): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d) [ 95.242719][ T6252] exFAT-fs (loop8): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 95.291183][ T6265] loop3: detected capacity change from 0 to 512 [ 95.306391][ T6267] loop8: detected capacity change from 0 to 512 [ 95.318545][ T6265] EXT4-fs (loop3): Test dummy encryption mode enabled [ 95.331616][ T6265] EXT4-fs error (device loop3): ext4_fill_super:4832: inode #2: comm syz.3.2566: casefold flag without casefold feature [ 95.349912][ T6265] EXT4-fs (loop3): get root inode failed [ 95.356964][ T6265] EXT4-fs (loop3): mount failed [ 95.363121][ T6267] EXT4-fs error (device loop8): ext4_do_update_inode:5205: inode #16: comm syz.8.2563: corrupted inode contents [ 95.379898][ T6267] EXT4-fs error (device loop8): ext4_dirty_inode:6041: inode #16: comm syz.8.2563: mark_inode_dirty error [ 95.391732][ T6267] EXT4-fs error (device loop8): ext4_do_update_inode:5205: inode #16: comm syz.8.2563: corrupted inode contents [ 95.417318][ T6267] EXT4-fs error (device loop8): __ext4_ext_dirty:183: inode #16: comm syz.8.2563: mark_inode_dirty error [ 95.444153][ T6267] EXT4-fs error (device loop8): ext4_do_update_inode:5205: inode #16: comm syz.8.2563: corrupted inode contents [ 95.467226][ T6267] EXT4-fs error (device loop8) in ext4_orphan_del:305: Corrupt filesystem [ 95.478370][ T6267] EXT4-fs error (device loop8): ext4_do_update_inode:5205: inode #16: comm syz.8.2563: corrupted inode contents [ 95.507218][ T6267] EXT4-fs error (device loop8): ext4_truncate:4303: inode #16: comm syz.8.2563: mark_inode_dirty error [ 95.520329][ T6267] EXT4-fs error (device loop8) in ext4_process_orphan:347: Corrupt filesystem [ 95.529725][ T6267] EXT4-fs (loop8): 1 truncate cleaned up [ 95.535398][ T6267] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 95.548462][ T6267] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.594454][ T6288] loop6: detected capacity change from 0 to 256 [ 95.653952][ T6296] loop8: detected capacity change from 0 to 256 [ 95.714456][ T6296] FAT-fs (loop8): Directory bread(block 64) failed [ 95.720854][ T6310] loop3: detected capacity change from 0 to 512 [ 95.727858][ T6296] FAT-fs (loop8): Directory bread(block 65) failed [ 95.734258][ T6296] FAT-fs (loop8): Directory bread(block 66) failed [ 95.740645][ T6296] FAT-fs (loop8): Directory bread(block 67) failed [ 95.747512][ T6296] FAT-fs (loop8): Directory bread(block 68) failed [ 95.753897][ T6296] FAT-fs (loop8): Directory bread(block 69) failed [ 95.760286][ T6296] FAT-fs (loop8): Directory bread(block 70) failed [ 95.766689][ T6296] FAT-fs (loop8): Directory bread(block 71) failed [ 95.773260][ T6296] FAT-fs (loop8): Directory bread(block 72) failed [ 95.781396][ T6296] FAT-fs (loop8): Directory bread(block 73) failed [ 95.795897][ T6310] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #16: comm syz.3.2584: corrupted inode contents [ 95.827329][ T6310] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #16: comm syz.3.2584: mark_inode_dirty error [ 95.856993][ T6310] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #16: comm syz.3.2584: corrupted inode contents [ 95.897187][ T6310] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #16: comm syz.3.2584: mark_inode_dirty error [ 95.918439][ T6310] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #16: comm syz.3.2584: corrupted inode contents [ 95.947184][ T6310] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 95.963182][ T6310] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #16: comm syz.3.2584: corrupted inode contents [ 95.975111][ T6310] EXT4-fs error (device loop3): ext4_truncate:4303: inode #16: comm syz.3.2584: mark_inode_dirty error [ 95.987489][ T6310] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 95.996837][ T6310] EXT4-fs (loop3): 1 truncate cleaned up [ 96.003029][ T6310] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 96.015199][ T6310] ext4 filesystem being mounted at /573/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 96.027914][ T6329] binfmt_misc: register: failed to install interpreter file ./file0 [ 96.156964][ T1746] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 96.517816][ T1746] usb 10-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 96.536973][ T1746] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 96.545930][ T1746] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.590714][ T6337] loop3: detected capacity change from 0 to 131072 [ 96.607877][ T1746] snd-usb-audio: probe of 10-1:27.0 failed with error -2 [ 96.621873][ T6337] F2FS-fs (loop3): invalid crc value [ 96.631329][ T6337] F2FS-fs (loop3): Found nat_bits in checkpoint [ 96.691262][ T6337] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 96.739742][ T30] kauditd_printk_skb: 96 callbacks suppressed [ 96.739759][ T30] audit: type=1326 audit(1739920144.077:2629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6370 comm="syz.7.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 96.787086][ T30] audit: type=1326 audit(1739920144.077:2630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6370 comm="syz.7.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 96.811485][ T30] audit: type=1326 audit(1739920144.077:2631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6370 comm="syz.7.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 96.813696][ T1746] usb 10-1: USB disconnect, device number 2 [ 96.844584][ T30] audit: type=1326 audit(1739920144.077:2632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6370 comm="syz.7.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 96.874313][ T30] audit: type=1326 audit(1739920144.107:2633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6370 comm="syz.7.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 96.899288][ T30] audit: type=1326 audit(1739920144.117:2634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6370 comm="syz.7.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 96.926247][ T6375] loop8: detected capacity change from 0 to 512 [ 96.932737][ T30] audit: type=1326 audit(1739920144.117:2635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6370 comm="syz.7.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 96.956887][ T30] audit: type=1326 audit(1739920144.117:2636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6370 comm="syz.7.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 96.981209][ T6375] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 96.991624][ T30] audit: type=1326 audit(1739920144.117:2637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6370 comm="syz.7.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 97.018349][ T6375] EXT4-fs (loop8): 1 truncate cleaned up [ 97.024070][ T6375] EXT4-fs (loop8): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue. Quota mode: writeback. [ 97.088524][ T30] audit: type=1400 audit(1739920144.427:2638): avc: denied { mount } for pid=6384 comm="syz.6.2617" name="/" dev="ramfs" ino=40727 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 97.285542][ T6398] input: syz0 as /devices/virtual/input/input21 [ 97.426121][ T6415] loop9: detected capacity change from 0 to 512 [ 97.527791][ T6415] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 97.577082][ T6415] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 97.795995][ T6389] loop8: detected capacity change from 0 to 131072 [ 97.807969][ T6440] loop7: detected capacity change from 0 to 512 [ 97.828153][ T6415] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 97.843947][ T6389] F2FS-fs (loop8): invalid crc value [ 97.850809][ T6440] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 97.860727][ T6440] System zones: 0-2, 18-18, 34-34 [ 97.867353][ T6440] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.2639: bg 0: block 248: padding at end of block bitmap is not set [ 97.888729][ T6389] F2FS-fs (loop8): Found nat_bits in checkpoint [ 97.894027][ T6420] loop6: detected capacity change from 0 to 40427 [ 97.906969][ T6448] EXT4-fs (loop9): re-mounted. Opts: . Quota mode: writeback. [ 97.927073][ T6440] EXT4-fs error (device loop7): ext4_acquire_dquot:6188: comm syz.7.2639: Failed to acquire dquot type 1 [ 97.942803][ T6389] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e4 [ 97.943608][ T6440] EXT4-fs (loop7): 1 truncate cleaned up [ 97.960301][ T6446] loop3: detected capacity change from 0 to 8192 [ 97.967779][ T6440] EXT4-fs (loop7): mounted filesystem without journal. Opts: discard,noload,,errors=continue. Quota mode: writeback. [ 97.979991][ T6389] F2FS-fs (loop8): Corrupted max_depth of 3: 16842753 [ 97.987313][ T6440] ext4 filesystem being mounted at /176/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 97.988195][ T6420] F2FS-fs (loop6): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 98.005687][ T6420] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock [ 98.014811][ T6389] F2FS-fs (loop8): dec_valid_node_count: inconsistent i_blocks, ino:7, iblocks:0 [ 98.015972][ T6420] F2FS-fs (loop6): invalid crc value [ 98.032073][ T6420] F2FS-fs (loop6): Found nat_bits in checkpoint [ 98.082574][ T6420] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0 [ 98.089552][ T6420] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 98.185962][ T2621] attempt to access beyond end of device [ 98.185962][ T2621] loop6: rw=2049, want=45104, limit=40427 [ 98.401861][ T6483] loop6: detected capacity change from 0 to 2048 [ 98.472370][ T6483] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 98.491480][ T6483] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 98.519012][ T6483] EXT4-fs (loop6): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 5 with error 28 [ 98.557189][ T6481] loop7: detected capacity change from 0 to 40427 [ 98.577085][ T6483] EXT4-fs (loop6): This should not happen!! Data will be lost [ 98.577085][ T6483] [ 98.586768][ T6483] EXT4-fs (loop6): Total free blocks count 0 [ 98.592901][ T6483] EXT4-fs (loop6): Free/Dirty block details [ 98.599297][ T6483] EXT4-fs (loop6): free_blocks=2415919104 [ 98.604942][ T6483] EXT4-fs (loop6): dirty_blocks=32 [ 98.611539][ T6483] EXT4-fs (loop6): Block reservation details [ 98.617735][ T6483] EXT4-fs (loop6): i_reserved_data_blocks=2 [ 98.637332][ T6481] F2FS-fs (loop7): fault_injection options not supported [ 98.644949][ T6498] EXT4-fs (loop6): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 1 with error 28 [ 98.658308][ T6481] F2FS-fs (loop7): invalid crc value [ 98.663927][ T6498] EXT4-fs (loop6): This should not happen!! Data will be lost [ 98.663927][ T6498] [ 98.675676][ T6481] F2FS-fs (loop7): Found nat_bits in checkpoint [ 98.729181][ T6481] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 98.791589][ T4892] attempt to access beyond end of device [ 98.791589][ T4892] loop7: rw=2049, want=45104, limit=40427 [ 98.950331][ T6497] loop8: detected capacity change from 0 to 131072 [ 98.980019][ T6497] F2FS-fs (loop8): Found nat_bits in checkpoint [ 99.019698][ T6497] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5 [ 99.085017][ T6521] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2666'. [ 99.170254][ T6534] tap0: tun_chr_ioctl cmd 2147767506 [ 99.400937][ T6525] loop3: detected capacity change from 0 to 40427 [ 99.411505][ T6554] loop6: detected capacity change from 0 to 256 [ 99.467569][ T6525] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 99.485294][ T6525] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 99.496141][ T6554] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 99.530314][ T6525] F2FS-fs (loop3): Found nat_bits in checkpoint [ 99.538898][ T6554] exFAT-fs (loop6): hint_cluster is invalid (17) [ 99.582528][ T6539] loop9: detected capacity change from 0 to 40427 [ 99.609388][ T6525] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 99.622039][ T6525] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 99.638106][ T6539] F2FS-fs (loop9): fault_injection options not supported [ 99.655424][ T6539] F2FS-fs (loop9): invalid crc value [ 99.672590][ T6539] F2FS-fs (loop9): Found nat_bits in checkpoint [ 99.675776][ T6572] loop6: detected capacity change from 0 to 128 [ 99.697975][ T6574] loop8: detected capacity change from 0 to 256 [ 99.757017][ T6539] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5 [ 99.800815][ T6569] attempt to access beyond end of device [ 99.800815][ T6569] loop9: rw=2049, want=40976, limit=40427 [ 99.911430][ T6583] loop6: detected capacity change from 0 to 128 [ 99.921380][ T6581] loop3: detected capacity change from 0 to 512 [ 99.978729][ T6581] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 99.990011][ T6583] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 100.020150][ T6583] ext4 filesystem being mounted at /312/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 100.068391][ T6581] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 100.076231][ T6581] System zones: 1-12 [ 100.104222][ T6602] loop9: detected capacity change from 0 to 256 [ 100.118256][ T6581] EXT4-fs (loop3): 1 truncate cleaned up [ 100.123867][ T6581] EXT4-fs (loop3): mounted filesystem without journal. Opts: nogrpid,jqfmt=vfsv0,debug_want_extra_isize=0x0000000000000068,debug,nombcache,quota,nolazytime,,errors=continue. Quota mode: writeback. [ 100.148032][ T6602] exfat: Deprecated parameter 'utf8' [ 100.159125][ T6602] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 100.189847][ T6545] loop7: detected capacity change from 0 to 131072 [ 100.222237][ T6545] F2FS-fs (loop7): Wrong CP boundary, start(512) end(1536) blocks(0) [ 100.233295][ T6608] loop8: detected capacity change from 0 to 512 [ 100.239495][ T6545] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 100.268350][ T6545] F2FS-fs (loop7): Found nat_bits in checkpoint [ 100.277827][ T6608] EXT4-fs (loop8): Ignoring removed bh option [ 100.294042][ T6608] EXT4-fs (loop8): error: journal path ./file1 is not a block device [ 100.304315][ T6616] loop9: detected capacity change from 0 to 1024 [ 100.373557][ T6545] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0 [ 100.383353][ T6545] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 100.404470][ T6616] EXT4-fs error (device loop9): ext4_acquire_dquot:6188: comm syz.9.2705: Failed to acquire dquot type 0 [ 100.426700][ T6616] EXT4-fs (loop9): 1 truncate cleaned up [ 100.462660][ T6616] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 100.552671][ T6616] EXT4-fs (loop9): re-mounted. Opts: (null). Quota mode: writeback. [ 100.573154][ T6616] EXT4-fs (loop9): warning: mounting fs with errors, running e2fsck is recommended [ 100.597766][ T6616] EXT4-fs (loop9): re-mounted. Opts: . Quota mode: writeback. [ 100.613973][ T6618] loop6: detected capacity change from 0 to 40427 [ 100.666025][ T6618] F2FS-fs (loop6): invalid crc value [ 100.688151][ T6618] F2FS-fs (loop6): Found nat_bits in checkpoint [ 100.787025][ T6618] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 100.943129][ T6658] loop8: detected capacity change from 0 to 256 [ 101.019690][ T6658] exFAT-fs (loop8): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d) [ 101.079386][ T6667] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2727'. [ 101.405740][ T6699] bridge: RTM_NEWNEIGH with unconfigured vlan 4 on bridge0 [ 101.481443][ T6703] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 101.724796][ T6721] incfs: mount failed -22 [ 101.747909][ T30] kauditd_printk_skb: 100 callbacks suppressed [ 101.747924][ T30] audit: type=1400 audit(1739920149.087:2735): avc: denied { mount } for pid=6726 comm="syz.9.2753" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 101.792644][ T6731] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2755'. [ 101.796250][ T30] audit: type=1400 audit(1739920149.117:2736): avc: denied { unmount } for pid=6726 comm="syz.9.2753" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 101.827862][ T10] Bluetooth: hci0: Frame reassembly failed (-84) [ 101.830529][ T30] audit: type=1107 audit(1739920149.117:2737): pid=6728 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 101.847381][ T6733] Bluetooth: hci0: Frame reassembly failed (-84) [ 101.864014][ T6737] loop9: detected capacity change from 0 to 512 [ 101.888898][ T6741] loop3: detected capacity change from 0 to 512 [ 101.896655][ T6737] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 101.907710][ T6737] ext4 filesystem being mounted at /31/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 101.920617][ T6737] fs-verity (loop9, inode 15): Unrecognized descriptor size: 0 bytes [ 101.929374][ T6737] fs-verity (loop9, inode 15): Unrecognized descriptor size: 0 bytes [ 101.938292][ T6737] fs-verity (loop9, inode 15): Unrecognized descriptor size: 0 bytes [ 101.939561][ T6741] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,i_version,. Quota mode: writeback. [ 101.962953][ T6741] ext4 filesystem being mounted at /588/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 102.130843][ T6759] loop9: detected capacity change from 0 to 2048 [ 102.200185][ T6759] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 102.356051][ T6791] : renamed from pim6reg1 [ 102.458248][ T30] audit: type=1400 audit(1739920149.797:2738): avc: denied { nlmsg_tty_audit } for pid=6809 comm="syz.3.2787" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 102.505872][ T30] audit: type=1400 audit(1739920149.837:2739): avc: denied { getopt } for pid=6815 comm="syz.8.2790" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 102.570734][ T30] audit: type=1400 audit(1739920149.907:2740): avc: denied { execute_no_trans } for pid=6826 comm="syz.8.2795" path="/67/file1" dev="tmpfs" ino=366 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 102.605103][ T30] audit: type=1326 audit(1739920149.937:2741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6830 comm="syz.3.2797" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f89c68b4de9 code=0x0 [ 102.697009][ T312] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 102.705922][ T6842] netlink: 'syz.8.2802': attribute type 1 has an invalid length. [ 102.779971][ T6851] netpci0: tun_chr_ioctl cmd 1074025676 [ 102.785396][ T6851] netpci0: owner set to 0 [ 102.847568][ T30] audit: type=1400 audit(1739920150.187:2742): avc: denied { read write } for pid=6854 comm="syz.8.2808" name="uhid" dev="devtmpfs" ino=259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 102.871896][ T30] audit: type=1400 audit(1739920150.187:2743): avc: denied { open } for pid=6854 comm="syz.8.2808" path="/dev/uhid" dev="devtmpfs" ino=259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 102.873333][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 102.902714][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 102.910140][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 102.917458][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 102.924656][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 102.931921][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 102.937008][ T312] usb 10-1: Using ep0 maxpacket: 16 [ 102.939115][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 102.951396][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 102.958530][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 102.965734][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 102.972954][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 102.980155][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 102.987349][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 102.994532][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.001938][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.009199][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.016364][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.023582][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.030811][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.038024][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.045161][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.052546][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.057083][ T312] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 103.059970][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.076071][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.083342][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.090512][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.097695][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.104878][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.112117][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.119311][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.126493][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.133901][ T2009] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 103.142435][ T2009] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [sy] on syz0 [ 103.167733][ T30] audit: type=1326 audit(1739920150.507:2744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6856 comm="syz.8.2809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9661449de9 code=0x7ffc0000 [ 103.227039][ T312] usb 10-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 103.236110][ T312] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 103.244295][ T312] usb 10-1: Product: syz [ 103.248396][ T312] usb 10-1: Manufacturer: syz [ 103.252870][ T312] usb 10-1: SerialNumber: syz [ 103.259020][ T312] usb 10-1: config 0 descriptor?? [ 103.297894][ T312] ftdi_sio 10-1:0.0: FTDI USB Serial Device converter detected [ 103.305537][ T312] usb 10-1: Detected FT232RL [ 103.507008][ T312] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 103.767967][ T312] usb 10-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 103.857050][ T1746] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 103.876994][ T2009] Bluetooth: hci0: command 0x1003 tx timeout [ 103.883044][ T1735] Bluetooth: hci0: sending frame failed (-49) [ 103.968634][ T2009] usb 10-1: USB disconnect, device number 3 [ 103.975125][ T2009] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 103.984452][ T2009] ftdi_sio 10-1:0.0: device disconnected [ 104.085871][ T6896] kvm [6895]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc0010007 data 0x0 [ 104.097079][ T1746] usb 4-1: Using ep0 maxpacket: 16 [ 104.217021][ T1746] usb 4-1: config index 0 descriptor too short (expected 16456, got 72) [ 104.226776][ T1746] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 104.235143][ T1746] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 104.243382][ T1746] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 104.251552][ T1746] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 104.263939][ T1746] usb 4-1: config 0 has no interface number 0 [ 104.270409][ T1746] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 104.281578][ T1746] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 104.291407][ T1746] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 104.301519][ T1746] usb 4-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 104.314787][ T1746] usb 4-1: config 0 interface 125 has no altsetting 0 [ 104.321825][ T1746] usb 4-1: config 0 interface 125 has no altsetting 2 [ 104.487053][ T1746] usb 4-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 104.496014][ T1746] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.504341][ T1746] usb 4-1: Product: syz [ 104.508577][ T1746] usb 4-1: Manufacturer: syz [ 104.512990][ T1746] usb 4-1: SerialNumber: syz [ 104.519274][ T1746] usb 4-1: config 0 descriptor?? [ 104.527485][ T6923] sit: non-ECT from 0.0.0.0 with TOS=0x3 [ 104.696981][ T312] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 104.767576][ T1746] usb 4-1: USB disconnect, device number 7 [ 104.787903][ T6945] loop7: detected capacity change from 0 to 4096 [ 104.829575][ T6945] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 104.937033][ T312] usb 9-1: Using ep0 maxpacket: 16 [ 104.962035][ T6948] loop7: detected capacity change from 0 to 1024 [ 104.987940][ T6948] EXT4-fs (loop7): Ignoring removed nobh option [ 104.994033][ T6948] EXT4-fs (loop7): Ignoring removed bh option [ 104.999973][ T6948] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 105.018719][ T6948] EXT4-fs (loop7): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,errors=remount-ro,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,. Quota mode: writeback. [ 105.057299][ T312] usb 9-1: config 0 has an invalid interface number: 251 but max is 0 [ 105.065423][ T312] usb 9-1: config 0 has no interface number 0 [ 105.071613][ T312] usb 9-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 105.081372][ T312] usb 9-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 105.105910][ T6952] loop7: detected capacity change from 0 to 1024 [ 105.147891][ T6952] EXT4-fs (loop7): Ignoring removed nobh option [ 105.154029][ T6952] EXT4-fs (loop7): Ignoring removed bh option [ 105.160283][ T6952] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 105.178936][ T6952] EXT4-fs (loop7): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback. [ 105.227061][ T6952] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:3876: comm syz.7.2851: Allocating blocks 497-513 which overlap fs metadata [ 105.252398][ T6951] EXT4-fs (loop7): pa ffff888110df50a8: logic 16, phys. 321, len 12 [ 105.260285][ T6951] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:4893: group 0, free 0, pa_free 1 [ 105.270117][ T312] usb 9-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 105.279045][ T312] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 105.287016][ T312] usb 9-1: Product: syz [ 105.291298][ T312] usb 9-1: Manufacturer: syz [ 105.295719][ T312] usb 9-1: SerialNumber: syz [ 105.300874][ T312] usb 9-1: config 0 descriptor?? [ 105.317065][ T6917] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 105.323842][ T6917] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 105.538379][ T6917] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 105.545301][ T6917] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 105.589210][ T6978] pimreg0: tun_chr_ioctl cmd 1074025677 [ 105.594601][ T6978] pimreg0: linktype set to 65534 [ 105.756952][ T1746] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 105.796393][ T6987] syz.7.2865[6987] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 105.796460][ T6987] syz.7.2865[6987] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 105.957033][ T20] Bluetooth: hci0: command 0x1001 tx timeout [ 105.974282][ T1735] Bluetooth: hci0: sending frame failed (-49) [ 105.987132][ T312] asix 9-1:0.251 (unnamed net_device) (uninitialized): Interface mode not supported by driver [ 106.000004][ T312] asix: probe of 9-1:0.251 failed with error -524 [ 106.007096][ T1746] usb 4-1: Using ep0 maxpacket: 8 [ 106.127045][ T1746] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 106.136717][ T1746] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.140741][ T7006] loop7: detected capacity change from 0 to 256 [ 106.151134][ T1746] usb 4-1: config 0 descriptor?? [ 106.167394][ T7006] exfat: Deprecated parameter 'utf8' [ 106.189441][ T20] usb 9-1: USB disconnect, device number 3 [ 106.268058][ T7012] loop7: detected capacity change from 0 to 128 [ 106.337933][ T7015] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2877'. [ 106.387598][ T7023] loop9: detected capacity change from 0 to 512 [ 106.401304][ T7026] loop7: detected capacity change from 0 to 2048 [ 106.409901][ T7023] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #11: comm syz.9.2881: invalid indirect mapped block 256 (level 2) [ 106.423740][ T7023] EXT4-fs (loop9): 2 truncates cleaned up [ 106.429424][ T7023] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 106.458592][ T7026] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 106.469203][ T7026] ext4 filesystem being mounted at /237/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 106.581908][ T7041] loop9: detected capacity change from 0 to 8192 [ 106.818010][ T7047] loop9: detected capacity change from 0 to 40427 [ 106.847651][ T7047] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12 [ 106.855293][ T7047] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock [ 106.867867][ T7047] F2FS-fs (loop9): Found nat_bits in checkpoint [ 106.913768][ T7047] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0 [ 106.920687][ T7047] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5 [ 107.067127][ T1746] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 107.077272][ T1746] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x0080: ffffffb9 [ 107.117039][ T1746] asix: probe of 4-1:0.0 failed with error -71 [ 107.123641][ T1746] usb 4-1: USB disconnect, device number 8 [ 107.343258][ T7098] 9p: Unknown uid 18446744073709551615 [ 107.430739][ T30] kauditd_printk_skb: 38 callbacks suppressed [ 107.430754][ T30] audit: type=1326 audit(1739920154.767:2783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7108 comm="syz.8.2917" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9661449de9 code=0x0 [ 107.573534][ T7112] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2918'. [ 107.602738][ T7114] loop3: detected capacity change from 0 to 2048 [ 107.627398][ T7080] loop7: detected capacity change from 0 to 131072 [ 107.658742][ T7114] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 107.669362][ T7114] ext4 filesystem being mounted at /618/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 107.669477][ T7080] F2FS-fs (loop7): invalid crc value [ 107.685165][ T7114] fs-verity: sha256 using implementation "sha256-avx2" [ 107.693628][ T7080] F2FS-fs (loop7): Found nat_bits in checkpoint [ 107.737200][ T7080] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e4 [ 107.762988][ T7080] F2FS-fs (loop7): Corrupted max_depth of 3: 16842753 [ 107.781847][ T7080] F2FS-fs (loop7): dec_valid_node_count: inconsistent i_blocks, ino:7, iblocks:0 [ 107.783487][ T30] audit: type=1400 audit(1739920155.117:2784): avc: denied { write } for pid=7122 comm="syz.9.2920" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 107.814112][ T30] audit: type=1400 audit(1739920155.147:2785): avc: denied { open } for pid=7122 comm="syz.9.2920" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 108.034668][ T7126] loop9: detected capacity change from 0 to 256 [ 108.040933][ T2009] Bluetooth: hci0: command 0x1009 tx timeout [ 108.097227][ T7126] exfat: Deprecated parameter 'namecase' [ 108.109848][ T7126] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 108.225737][ T30] audit: type=1400 audit(1739920155.557:2786): avc: denied { create } for pid=7133 comm="syz.7.2925" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 108.229981][ T7114] fs-verity (loop3, inode 13): Error -28 writing Merkle tree block 82624 [ 108.253311][ T7114] fs-verity (loop3, inode 13): Error -28 building Merkle tree [ 108.265899][ T30] audit: type=1400 audit(1739920155.597:2787): avc: denied { bind } for pid=7133 comm="syz.7.2925" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 108.392702][ T30] audit: type=1400 audit(1739920155.727:2788): avc: denied { nlmsg_write } for pid=7153 comm="syz.8.2935" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 108.433314][ T7155] loop9: detected capacity change from 0 to 512 [ 108.450302][ T7159] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2938'. [ 108.488347][ T7155] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 108.518384][ T7155] EXT4-fs (loop9): 1 truncate cleaned up [ 108.523965][ T7155] EXT4-fs (loop9): mounted filesystem without journal. Opts: resuid=0x0000000000000000,max_dir_size_kb=0x00000000000001ff,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none. [ 108.563830][ T7167] loop8: detected capacity change from 0 to 512 [ 108.574138][ T7141] loop7: detected capacity change from 0 to 40427 [ 108.585491][ T7155] fscrypt (loop9, inode 18): Mutually exclusive encryption flags (0x0c) [ 108.598289][ T7141] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12 [ 108.598340][ T7167] EXT4-fs (loop8): couldn't mount as ext2 due to feature incompatibilities [ 108.605838][ T7141] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 108.630707][ T7141] F2FS-fs (loop7): Found nat_bits in checkpoint [ 108.684563][ T7182] loop3: detected capacity change from 0 to 512 [ 108.697341][ T7141] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0 [ 108.717330][ T7185] SELinux: Context system_u:object_r:net_conf_t:s0 is not valid (left unmapped). [ 108.726506][ T30] audit: type=1400 audit(1739920156.057:2789): avc: denied { relabelto } for pid=7184 comm="syz.9.2947" name="cgroup.procs" dev="cgroup" ino=837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:net_conf_t:s0" [ 108.726742][ T7141] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 108.761673][ T7182] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 108.774054][ T30] audit: type=1400 audit(1739920156.057:2790): avc: denied { associate } for pid=7184 comm="syz.9.2947" name="cgroup.procs" dev="cgroup" ino=837 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object_r:net_conf_t:s0" [ 108.803225][ T7182] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 108.816276][ T7192] loop8: detected capacity change from 0 to 256 [ 108.822527][ T7182] EXT4-fs (loop3): 1 truncate cleaned up [ 108.828217][ T7182] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,journal_ioprio=0x0000000000000002,noauto_da_alloc,lazytime,grpjquota=,quota,,errors=continue. Quota mode: writeback. [ 108.847888][ T30] audit: type=1400 audit(1739920156.187:2791): avc: denied { setattr } for pid=7140 comm="syz.7.2929" path="/243/bus" dev="loop7" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 108.848795][ T7141] attempt to access beyond end of device [ 108.848795][ T7141] loop7: rw=2049, want=45104, limit=40427 [ 108.871263][ T30] audit: type=1400 audit(1739920156.187:2792): avc: denied { create } for pid=7140 comm="syz.7.2929" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 108.979615][ T7196] loop3: detected capacity change from 0 to 1024 [ 109.038553][ T7196] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 109.099621][ T7209] loop7: detected capacity change from 0 to 128 [ 109.117513][ T7211] device sit0 left promiscuous mode [ 109.137036][ T7211] device sit0 entered promiscuous mode [ 109.143412][ T7209] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 109.153973][ T7209] ext4 filesystem being mounted at /244/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 109.185710][ T7218] input: syz1 as /devices/virtual/input/input24 [ 109.275068][ T7230] loop7: detected capacity change from 0 to 1024 [ 109.332343][ T7230] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option [ 109.356021][ T7230] EXT4-fs (loop7): mounted filesystem without journal. Opts: minixdf,bsddf,barrier=0x00000000000001ff,commit=0x0000000000000005,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,nomblk_io_submit,,errors=continue. Quota mode: none. [ 109.477236][ T7264] loop8: detected capacity change from 0 to 1024 [ 109.508727][ T7264] EXT4-fs (loop8): Ignoring removed nobh option [ 109.517452][ T7270] loop7: detected capacity change from 0 to 512 [ 109.523785][ T7264] EXT4-fs (loop8): Ignoring removed bh option [ 109.532462][ T7264] EXT4-fs (loop8): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 109.555970][ T7270] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #11: comm syz.7.2984: invalid indirect mapped block 256 (level 2) [ 109.569630][ T7270] EXT4-fs (loop7): Remounting filesystem read-only [ 109.576205][ T7270] EXT4-fs (loop7): 2 truncates cleaned up [ 109.585034][ T7264] EXT4-fs (loop8): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback. [ 109.597135][ T7270] EXT4-fs (loop7): mounted filesystem without journal. Opts: errors=remount-ro,debug_want_extra_isize=0x0000000000000008,data_err=ignore,. Quota mode: writeback. [ 109.654994][ T7264] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:3876: comm syz.8.2981: Allocating blocks 497-513 which overlap fs metadata [ 109.673683][ T7270] EXT4-fs error (device loop7): empty_inline_dir:1869: inode #12: block 7: comm syz.7.2984: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=4278190093, rec_len=255, size=60 fake=0 [ 109.692551][ T7270] EXT4-fs (loop7): Remounting filesystem read-only [ 109.697029][ T542] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 109.711097][ T7263] EXT4-fs (loop8): pa ffff8881308ea9d8: logic 16, phys. 321, len 12 [ 109.716975][ T7270] EXT4-fs warning (device loop7): empty_inline_dir:1876: bad inline directory (dir #12) - inode 4278190093, rec_len 255, name_len 0inline size 60 [ 109.719103][ T7263] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:4893: group 0, free 0, pa_free 1 [ 109.791607][ T7295] loop8: detected capacity change from 0 to 256 [ 109.901770][ T7317] mmap: syz.7.3005 (7317): VmData 33271808 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data. [ 109.976990][ T542] usb 4-1: Using ep0 maxpacket: 32 [ 110.097053][ T542] usb 4-1: config 0 has an invalid interface number: 184 but max is 0 [ 110.098070][ T7325] loop9: detected capacity change from 0 to 40427 [ 110.105273][ T542] usb 4-1: config 0 has no interface number 0 [ 110.117800][ T542] usb 4-1: config 0 interface 184 has no altsetting 0 [ 110.161973][ T7325] F2FS-fs (loop9): Insane cp_payload (553648128 >= 504) [ 110.169312][ T7325] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock [ 110.177803][ T7325] F2FS-fs (loop9): fault_injection options not supported [ 110.184664][ T7325] F2FS-fs (loop9): fault_type options not supported [ 110.192262][ T7325] F2FS-fs (loop9): invalid crc value [ 110.201624][ T7325] F2FS-fs (loop9): Found nat_bits in checkpoint [ 110.240381][ T7342] SELinux: policydb version 0 does not match my version range 15-33 [ 110.248731][ T7342] SELinux: failed to load policy [ 110.259282][ T7325] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0 [ 110.266332][ T7325] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5 [ 110.288307][ T6088] attempt to access beyond end of device [ 110.288307][ T6088] loop9: rw=2049, want=45104, limit=40427 [ 110.307176][ T542] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 110.316782][ T542] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 110.325250][ T542] usb 4-1: Product: syz [ 110.329496][ T542] usb 4-1: Manufacturer: syz [ 110.333934][ T542] usb 4-1: SerialNumber: syz [ 110.339621][ T542] usb 4-1: config 0 descriptor?? [ 110.357927][ T7353] loop7: detected capacity change from 0 to 128 [ 110.397294][ T542] smsc75xx v1.0.0 [ 110.432529][ T7360] veth1_virt_wifi: vlans aren't supported yet for dev_uc|mc_add() [ 110.462053][ T7364] binder: 7363:7364 ioctl 400c620e 4000000002c0 returned -22 [ 110.544687][ T7378] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3032'. [ 110.688138][ T7385] loop7: detected capacity change from 0 to 40427 [ 110.717106][ T7391] loop8: detected capacity change from 0 to 512 [ 110.724813][ T7385] F2FS-fs (loop7): invalid crc value [ 110.731464][ T7385] F2FS-fs (loop7): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 110.749445][ T7391] EXT4-fs (loop8): 1 orphan inode deleted [ 110.760347][ T7391] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 110.771821][ T7391] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 110.783879][ T7385] F2FS-fs (loop7): Start checkpoint disabled! [ 110.803426][ T7385] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6 [ 110.828173][ T7385] attempt to access beyond end of device [ 110.828173][ T7385] loop7: rw=2049, want=45104, limit=40427 [ 110.860383][ T7406] loop8: detected capacity change from 0 to 1024 [ 110.866839][ T45] attempt to access beyond end of device [ 110.866839][ T45] loop7: rw=2049, want=45112, limit=40427 [ 110.924438][ T7406] EXT4-fs (loop8): Ignoring removed bh option [ 110.988142][ T7406] EXT4-fs (loop8): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,grpquota,noload,abort,lazytime,usrquota,resgid=0x0000000000000000,bh,,errors=continue. Quota mode: writeback. [ 111.017386][ T7406] ext4 filesystem being mounted at /144/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 111.037045][ T542] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 111.047659][ T542] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 111.057253][ T542] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind [ 111.067308][ T542] smsc75xx: probe of 4-1:0.184 failed with error -71 [ 111.074155][ T7406] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.3042: bg 0: block 273: padding at end of block bitmap is not set [ 111.074853][ T542] usb 4-1: USB disconnect, device number 9 [ 111.212065][ T7425] loop7: detected capacity change from 0 to 256 [ 111.260492][ T7425] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 111.413788][ T7408] loop9: detected capacity change from 0 to 131072 [ 111.457643][ T7408] F2FS-fs (loop9): QUOTA feature is enabled, so ignore qf_name [ 111.469771][ T7408] F2FS-fs (loop9): invalid crc value [ 111.484924][ T7408] F2FS-fs (loop9): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 111.490107][ T7443] macvtap0: tun_chr_ioctl cmd 1074025677 [ 111.501788][ T7443] macvtap0: linktype set to 773 [ 111.517719][ T7408] F2FS-fs (loop9): Mounted with checkpoint version = 753bd00b [ 111.629797][ T7460] loop3: detected capacity change from 0 to 256 [ 111.648230][ T7460] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 111.659882][ T7460] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 111.662521][ T7462] loop7: detected capacity change from 0 to 256 [ 111.679483][ T7460] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 111.707335][ T7462] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 111.776650][ T7468] loop7: detected capacity change from 0 to 256 [ 111.894436][ T7481] netlink: 'syz.9.3072': attribute type 15 has an invalid length. [ 112.113535][ T7511] loop3: detected capacity change from 0 to 1024 [ 112.140475][ T7513] kernel read not supported for file /policy (pid: 7513 comm: syz.7.3089) [ 112.192240][ T7511] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 112.234941][ T7532] loop7: detected capacity change from 0 to 512 [ 112.278444][ T7532] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 112.289589][ T7532] ext4 filesystem being mounted at /298/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 112.317831][ T7539] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3099'. [ 112.350272][ T7541] loop3: detected capacity change from 0 to 512 [ 112.408284][ T7541] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 112.429383][ T7541] ext4 filesystem being mounted at /648/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 112.488531][ T7556] loop6: detected capacity change from 0 to 512 [ 112.507663][ T7556] EXT4-fs (loop6): Ignoring removed nobh option [ 112.532115][ T7556] EXT4-fs (loop6): mounted filesystem without journal. Opts: nobh,stripe=0x000000000000ffff,dioread_nolock,,errors=continue. Quota mode: none. [ 112.564045][ T30] kauditd_printk_skb: 31 callbacks suppressed [ 112.564061][ T30] audit: type=1400 audit(1739920159.897:2824): avc: denied { unlink } for pid=7555 comm="syz.6.3107" name="file0" dev="incremental-fs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 112.594852][ T2621] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..' [ 112.608236][ T2621] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..' [ 112.622069][ T30] audit: type=1326 audit(1739920159.947:2825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7566 comm="syz.3.3111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89c68b4de9 code=0x7ffc0000 [ 112.630981][ T2621] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..' [ 112.645613][ T30] audit: type=1326 audit(1739920159.947:2826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7566 comm="syz.3.3111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89c68b4de9 code=0x7ffc0000 [ 112.684398][ T7569] loop7: detected capacity change from 0 to 512 [ 112.694736][ T7571] xt_hashlimit: max too large, truncated to 1048576 [ 112.702751][ T7573] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3115'. [ 112.707231][ T2621] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..' [ 112.723030][ T2621] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..' [ 112.735710][ T2621] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..' [ 112.739794][ T30] audit: type=1326 audit(1739920159.957:2827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7566 comm="syz.3.3111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f89c68b4de9 code=0x7ffc0000 [ 112.748215][ T2621] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..' [ 112.782155][ T7569] EXT4-fs (loop7): orphan cleanup on readonly fs [ 112.785671][ T30] audit: type=1326 audit(1739920159.957:2828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7566 comm="syz.3.3111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89c68b4de9 code=0x7ffc0000 [ 112.789546][ T2621] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..' [ 112.823654][ T7569] Quota error (device loop7): find_tree_dqentry: Getting block too big (196613 >= 6) [ 112.833264][ T2621] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..' [ 112.844707][ T7569] Quota error (device loop7): qtree_read_dquot: Can't read quota structure for id 0 [ 112.854237][ T2621] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..' [ 112.865876][ T7569] EXT4-fs error (device loop7): ext4_acquire_dquot:6188: comm syz.7.3112: Failed to acquire dquot type 1 [ 112.885778][ T30] audit: type=1326 audit(1739920160.167:2829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7575 comm="syz.3.3116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89c68b4de9 code=0x7ffc0000 [ 112.909768][ T7569] EXT4-fs (loop7): 1 truncate cleaned up [ 112.912201][ T30] audit: type=1326 audit(1739920160.167:2830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7575 comm="syz.3.3116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f89c68b4de9 code=0x7ffc0000 [ 112.941361][ T7569] EXT4-fs (loop7): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 112.961273][ T30] audit: type=1326 audit(1739920160.207:2831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7575 comm="syz.3.3116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89c68b4de9 code=0x7ffc0000 [ 112.992605][ T7587] loop8: detected capacity change from 0 to 512 [ 113.025065][ T7591] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3122'. [ 113.055362][ T7595] loop7: detected capacity change from 0 to 256 [ 113.082321][ T7587] EXT4-fs (loop8): mounted filesystem without journal. Opts: errors=remount-ro,nodioread_nolock,. Quota mode: writeback. [ 113.111912][ T7595] FAT-fs (loop7): Directory bread(block 1285) failed [ 113.130977][ T7587] ext4 filesystem being mounted at /149/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 113.190360][ T7587] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #12: comm syz.8.3121: invalid size [ 113.212096][ T7606] loop9: detected capacity change from 0 to 512 [ 113.229354][ T7587] EXT4-fs (loop8): Remounting filesystem read-only [ 113.243024][ T7614] devtmpfs: Unknown parameter 'dars[w' [ 113.267618][ T7606] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 113.308416][ T7606] ext4 filesystem being mounted at /121/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 113.371245][ T7634] loop8: detected capacity change from 0 to 512 [ 113.405639][ T7606] EXT4-fs error (device loop9): ext4_map_blocks:629: inode #2: block 18: comm syz.9.3131: lblock 23 mapped to illegal pblock 18 (length 1) [ 113.427744][ T7634] EXT4-fs (loop8): error: could not find journal device path: error -2 [ 113.455262][ T7615] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.462793][ T7647] SELinux: security_context_str_to_sid(u) failed for (dev ?, type ?) errno=-22 [ 113.471618][ T7615] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.487318][ T7647] SELinux: security_context_str_to_sid(u) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 113.505909][ T7615] device bridge_slave_0 entered promiscuous mode [ 113.528052][ T45] device bridge_slave_1 left promiscuous mode [ 113.534041][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.552103][ T45] device bridge_slave_0 left promiscuous mode [ 113.563575][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.576445][ T45] device veth1_to_batadv left promiscuous mode [ 113.587156][ T45] device veth1_macvtap left promiscuous mode [ 113.607108][ T45] device veth0_vlan left promiscuous mode [ 113.722444][ T7615] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.729468][ T7615] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.741145][ T7615] device bridge_slave_1 entered promiscuous mode [ 113.747899][ T7667] device lo entered promiscuous mode [ 113.749989][ T7673] loop9: detected capacity change from 0 to 512 [ 113.754482][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 113.766815][ T7667] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 113.774655][ T7667] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 113.789957][ T7671] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3159'. [ 113.823184][ T7673] EXT4-fs error (device loop9): ext4_orphan_get:1401: inode #15: comm syz.9.3160: casefold flag without casefold feature [ 113.847522][ T7673] EXT4-fs error (device loop9): ext4_orphan_get:1406: comm syz.9.3160: couldn't read orphan inode 15 (err -117) [ 113.881143][ T7673] EXT4-fs (loop9): mounted filesystem without journal. Opts: dioread_lock,,errors=continue. Quota mode: writeback. [ 113.919231][ T7673] fscrypt (loop9, inode 18): Unsupported encryption flags (0x10) [ 113.961902][ T7692] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 113.998859][ T7694] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3171'. [ 114.054486][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 114.064907][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 114.076408][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 114.084765][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 114.095243][ T319] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.102112][ T319] bridge0: port 1(bridge_slave_0) entered forwarding state [ 114.114095][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 114.130660][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 114.138831][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 114.146774][ T319] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.153621][ T319] bridge0: port 2(bridge_slave_1) entered forwarding state [ 114.167817][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 114.185162][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 114.201373][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 114.210155][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 114.218751][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 114.226579][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 114.236746][ T7615] device veth0_vlan entered promiscuous mode [ 114.250886][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 114.262873][ T7615] device veth1_macvtap entered promiscuous mode [ 114.277929][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 114.291456][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 114.306602][ T7723] SELinux: Context system_u:object_r: is not valid (left unmapped). [ 114.341915][ T7729] loop4: detected capacity change from 0 to 512 [ 114.388094][ T7737] syz.7.3190[7737] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 114.388154][ T7737] syz.7.3190[7737] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 114.401099][ T7729] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 114.437021][ T7729] ext4 filesystem being mounted at /1/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 114.582029][ T7766] loop4: detected capacity change from 0 to 256 [ 114.611394][ T7766] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe3f33698, utbl_chksum : 0xe619d30d) [ 114.628468][ T7766] exFAT-fs (loop4): error, tried to truncate zeroed cluster. [ 114.635681][ T7766] exFAT-fs (loop4): Filesystem has been set read-only [ 114.874033][ T7809] loop4: detected capacity change from 0 to 2048 [ 114.942298][ T7809] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 114.953727][ T7809] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 115.067364][ T7838] loop3: detected capacity change from 0 to 256 [ 115.172361][ T7843] device ip6tnl1 entered promiscuous mode [ 115.203087][ T7847] loop9: detected capacity change from 0 to 256 [ 115.209389][ T542] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 115.238638][ T7849] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3237'. [ 115.264791][ T7847] FAT-fs (loop9): Directory bread(block 64) failed [ 115.271547][ T7847] FAT-fs (loop9): Directory bread(block 65) failed [ 115.278464][ T7847] FAT-fs (loop9): Directory bread(block 66) failed [ 115.287435][ T7847] FAT-fs (loop9): Directory bread(block 67) failed [ 115.294417][ T7847] FAT-fs (loop9): Directory bread(block 68) failed [ 115.302194][ T7847] FAT-fs (loop9): Directory bread(block 69) failed [ 115.308690][ T7847] FAT-fs (loop9): Directory bread(block 70) failed [ 115.315078][ T7847] FAT-fs (loop9): Directory bread(block 71) failed [ 115.322090][ T7847] FAT-fs (loop9): Directory bread(block 72) failed [ 115.328921][ T7847] FAT-fs (loop9): Directory bread(block 73) failed [ 115.404977][ T7859] loop3: detected capacity change from 0 to 512 [ 115.429625][ T7809] fs-verity (loop4, inode 13): Error -28 writing Merkle tree block 82624 [ 115.440725][ T7847] attempt to access beyond end of device [ 115.440725][ T7847] loop9: rw=2051, want=1832, limit=256 [ 115.452418][ T7847] attempt to access beyond end of device [ 115.452418][ T7847] loop9: rw=2051, want=33800, limit=256 [ 115.458480][ T7809] fs-verity (loop4, inode 13): Error -28 building Merkle tree [ 115.480645][ T7859] EXT4-fs (loop3): Ignoring removed orlov option [ 115.491748][ T7859] EXT4-fs (loop3): orphan cleanup on readonly fs [ 115.499098][ T7859] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.3242: bg 0: block 248: padding at end of block bitmap is not set [ 115.519224][ T7859] EXT4-fs error (device loop3): ext4_acquire_dquot:6188: comm syz.3.3242: Failed to acquire dquot type 1 [ 115.540817][ T7859] EXT4-fs (loop3): 1 truncate cleaned up [ 115.556623][ T7859] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,orlov,abort,nombcache,stripe=0x0000000000000010,,errors=continue. Quota mode: writeback. [ 115.597063][ T542] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 115.610859][ T7859] EXT4-fs error (device loop3): ext4_remount:5846: comm syz.3.3242: Abort forced by user [ 115.611495][ T542] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 115.695011][ T7865] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3245'. [ 115.716996][ T7865] tipc: Started in network mode [ 115.721683][ T7865] tipc: Node identity @, cluster identity 8 [ 115.757077][ T542] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 115.774742][ T542] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 115.787396][ T7869] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3246'. [ 115.793659][ T542] usb 9-1: SerialNumber: syz [ 115.796103][ T7869] device bond_slave_1 entered promiscuous mode [ 115.796225][ T7869] netlink: 'syz.3.3246': attribute type 2 has an invalid length. [ 115.878656][ T7876] netlink: 'syz.4.3249': attribute type 1 has an invalid length. [ 115.892041][ T7876] netlink: 'syz.4.3249': attribute type 2 has an invalid length. [ 116.008913][ T7893] loop4: detected capacity change from 0 to 512 [ 116.024897][ T7896] loop3: detected capacity change from 0 to 128 [ 116.058033][ T7893] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 116.067464][ T7896] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 116.091515][ T7893] EXT4-fs (loop4): 1 truncate cleaned up [ 116.091625][ T7896] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 116.101217][ T7893] EXT4-fs (loop4): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue. Quota mode: writeback. [ 116.107826][ T542] usb 9-1: 0:2 : does not exist [ 116.172363][ T542] usb 9-1: USB disconnect, device number 4 [ 116.222364][ T311] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 116.410069][ T7912] loop4: detected capacity change from 0 to 256 [ 116.472956][ T7912] attempt to access beyond end of device [ 116.472956][ T7912] loop4: rw=2051, want=544, limit=256 [ 116.555777][ T7923] loop4: detected capacity change from 0 to 128 [ 116.622873][ T7923] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 116.625641][ T7908] loop9: detected capacity change from 0 to 40427 [ 116.657456][ T7923] ext4 filesystem being mounted at /24/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 116.688079][ T7923] netlink: 'syz.4.3270': attribute type 16 has an invalid length. [ 116.695733][ T7923] netlink: 'syz.4.3270': attribute type 3 has an invalid length. [ 116.705628][ T7908] F2FS-fs (loop9): invalid crc value [ 116.720899][ T7908] F2FS-fs (loop9): Found nat_bits in checkpoint [ 116.736971][ T7923] netlink: 29478 bytes leftover after parsing attributes in process `syz.4.3270'. [ 116.769355][ T7935] input: syz0 as /devices/virtual/input/input25 [ 116.773609][ T7908] F2FS-fs (loop9): Start checkpoint disabled! [ 116.803749][ T7908] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6 [ 116.832558][ T7938] loop8: detected capacity change from 0 to 512 [ 116.932492][ T7938] EXT4-fs error (device loop8): ext4_do_update_inode:5205: inode #16: comm syz.8.3277: corrupted inode contents [ 116.969040][ T311] attempt to access beyond end of device [ 116.969040][ T311] loop9: rw=2049, want=40984, limit=40427 [ 116.990283][ T7938] EXT4-fs error (device loop8): ext4_dirty_inode:6041: inode #16: comm syz.8.3277: mark_inode_dirty error [ 117.051141][ T7938] EXT4-fs error (device loop8): ext4_do_update_inode:5205: inode #16: comm syz.8.3277: corrupted inode contents [ 117.077435][ T7938] EXT4-fs error (device loop8): __ext4_ext_dirty:183: inode #16: comm syz.8.3277: mark_inode_dirty error [ 117.094955][ T7938] EXT4-fs error (device loop8): ext4_do_update_inode:5205: inode #16: comm syz.8.3277: corrupted inode contents [ 117.107875][ T7938] EXT4-fs error (device loop8) in ext4_orphan_del:305: Corrupt filesystem [ 117.120600][ T7938] EXT4-fs error (device loop8): ext4_do_update_inode:5205: inode #16: comm syz.8.3277: corrupted inode contents [ 117.147169][ T7938] EXT4-fs error (device loop8): ext4_truncate:4303: inode #16: comm syz.8.3277: mark_inode_dirty error [ 117.159288][ T7938] EXT4-fs error (device loop8) in ext4_process_orphan:347: Corrupt filesystem [ 117.198011][ T7938] EXT4-fs (loop8): 1 truncate cleaned up [ 117.203497][ T7938] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 117.239138][ T7938] ext4 filesystem being mounted at /180/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 117.325566][ T7952] loop4: detected capacity change from 0 to 1024 [ 117.347937][ T7954] loop9: detected capacity change from 0 to 2048 [ 117.408715][ T7952] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 117.425243][ T7958] loop3: detected capacity change from 0 to 2048 [ 117.438053][ T7952] JBD2: no valid journal superblock found [ 117.447958][ T7952] EXT4-fs (loop4): error loading journal [ 117.455576][ T7954] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 117.471624][ T7954] ext4 filesystem being mounted at /138/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 117.552393][ T7958] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 117.567204][ T30] kauditd_printk_skb: 6588 callbacks suppressed [ 117.567221][ T30] audit: type=1326 audit(1739920164.907:9418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7854 comm="syz.7.3239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fabbdfd9da7 code=0x7ffc0000 [ 117.633929][ T7968] binder: 7967:7968 ioctl c00c620f 0 returned -14 [ 117.664122][ T30] audit: type=1326 audit(1739920164.907:9419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7854 comm="syz.7.3239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fabbdf7efb9 code=0x7ffc0000 [ 117.708349][ T30] audit: type=1326 audit(1739920164.907:9420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7854 comm="syz.7.3239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fabbdfd9da7 code=0x7ffc0000 [ 117.740449][ T30] audit: type=1326 audit(1739920164.907:9421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7854 comm="syz.7.3239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fabbdf7efb9 code=0x7ffc0000 [ 117.765425][ T30] audit: type=1326 audit(1739920164.907:9422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7854 comm="syz.7.3239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fabbdfd9da7 code=0x7ffc0000 [ 117.841489][ T30] audit: type=1326 audit(1739920164.907:9423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7854 comm="syz.7.3239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fabbdf7efb9 code=0x7ffc0000 [ 117.904243][ T30] audit: type=1326 audit(1739920164.907:9424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7854 comm="syz.7.3239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fabbdfd9da7 code=0x7ffc0000 [ 117.934585][ T7980] loop4: detected capacity change from 0 to 512 [ 117.957468][ T30] audit: type=1326 audit(1739920164.907:9425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7854 comm="syz.7.3239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fabbdf7efb9 code=0x7ffc0000 [ 117.978763][ T7982] loop8: detected capacity change from 0 to 2048 [ 117.998078][ T30] audit: type=1326 audit(1739920164.907:9426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7854 comm="syz.7.3239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fabbdfd9da7 code=0x7ffc0000 [ 118.022507][ T7980] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 118.048041][ T7980] EXT4-fs (loop4): 1 orphan inode deleted [ 118.056994][ T7980] EXT4-fs (loop4): 1 truncate cleaned up [ 118.063076][ T7980] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback. [ 118.089656][ T30] audit: type=1326 audit(1739920164.907:9427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7854 comm="syz.7.3239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fabbdf7efb9 code=0x7ffc0000 [ 118.118353][ T7982] EXT4-fs (loop8): mounted filesystem without journal. Opts: init_itable=0x0000000000000002,,errors=continue. Quota mode: none. [ 118.217141][ T7954] fs-verity (loop9, inode 13): Error -4 building Merkle tree [ 118.496663][ T8023] loop7: detected capacity change from 0 to 512 [ 118.611979][ T8023] EXT4-fs (loop7): Ignoring removed orlov option [ 118.628432][ T8023] EXT4-fs (loop7): orphan cleanup on readonly fs [ 118.635416][ T8023] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.3311: bg 0: block 248: padding at end of block bitmap is not set [ 118.658524][ T8023] EXT4-fs error (device loop7): ext4_acquire_dquot:6188: comm syz.7.3311: Failed to acquire dquot type 1 [ 118.674110][ T8033] loop4: detected capacity change from 0 to 1024 [ 118.680746][ T8023] EXT4-fs (loop7): 1 truncate cleaned up [ 118.687222][ T8023] EXT4-fs (loop7): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,orlov,abort,nombcache,stripe=0x0000000000000010,,errors=continue. Quota mode: writeback. [ 118.713759][ T7999] loop8: detected capacity change from 0 to 40427 [ 118.724419][ T8023] EXT4-fs error (device loop7): ext4_remount:5846: comm syz.7.3311: Abort forced by user [ 118.727788][ T8033] EXT4-fs (loop4): Ignoring removed orlov option [ 118.740603][ T8033] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 118.767494][ T7999] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12 [ 118.776588][ T8033] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,bsddf,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none. [ 118.798780][ T7999] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock [ 118.813703][ T7999] F2FS-fs (loop8): invalid crc value [ 118.824688][ T7999] F2FS-fs (loop8): Found nat_bits in checkpoint [ 118.827430][ T8029] loop9: detected capacity change from 0 to 40427 [ 118.867013][ T1746] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 118.884565][ T8029] F2FS-fs (loop9): fault_injection options not supported [ 118.884677][ T7999] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0 [ 118.898522][ T7999] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5 [ 118.920104][ T8029] F2FS-fs (loop9): invalid crc value [ 118.929432][ T8029] F2FS-fs (loop9): Found nat_bits in checkpoint [ 118.984938][ T8029] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5 [ 119.027736][ T6088] attempt to access beyond end of device [ 119.027736][ T6088] loop9: rw=2049, want=45104, limit=40427 [ 119.116973][ T1746] usb 4-1: Using ep0 maxpacket: 8 [ 119.175235][ T8068] tmpfs: Unknown parameter 'usrquota' [ 119.237035][ T1746] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 119.245991][ T1746] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 119.264626][ T1746] usb 4-1: config 0 descriptor?? [ 119.413704][ T8076] loop8: detected capacity change from 0 to 40427 [ 119.527040][ T1746] asix 4-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 119.647578][ T8076] F2FS-fs (loop8): Small segment_count (9 < 1 * 24) [ 119.654167][ T8076] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock [ 119.665292][ T8076] F2FS-fs (loop8): Found nat_bits in checkpoint [ 119.710613][ T8076] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0 [ 119.717815][ T8076] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5 [ 120.354817][ T5923] attempt to access beyond end of device [ 120.354817][ T5923] loop8: rw=2049, want=45104, limit=40427 [ 120.367023][ T1746] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 120.377238][ T1746] asix: probe of 4-1:0.0 failed with error -71 [ 120.383974][ T1746] usb 4-1: USB disconnect, device number 10 [ 120.419078][ T8089] syzkaller0: tun_chr_ioctl cmd 1074812117 [ 120.425040][ T8089] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 120.430895][ T8089] syzkaller0: linktype set to 774 [ 120.732917][ T8134] loop4: detected capacity change from 0 to 512 [ 120.780880][ T8134] EXT4-fs error (device loop4): ext4_do_update_inode:5205: inode #16: comm syz.4.3357: corrupted inode contents [ 120.793390][ T8134] EXT4-fs error (device loop4): ext4_dirty_inode:6041: inode #16: comm syz.4.3357: mark_inode_dirty error [ 120.805246][ T8134] EXT4-fs error (device loop4): ext4_do_update_inode:5205: inode #16: comm syz.4.3357: corrupted inode contents [ 120.817219][ T8134] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #16: comm syz.4.3357: mark_inode_dirty error [ 120.828566][ T8134] EXT4-fs error (device loop4): ext4_do_update_inode:5205: inode #16: comm syz.4.3357: corrupted inode contents [ 120.840533][ T8134] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 120.849110][ T8134] EXT4-fs error (device loop4): ext4_do_update_inode:5205: inode #16: comm syz.4.3357: corrupted inode contents [ 120.861373][ T8134] EXT4-fs error (device loop4): ext4_truncate:4303: inode #16: comm syz.4.3357: mark_inode_dirty error [ 120.874044][ T8134] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 120.883337][ T8134] EXT4-fs (loop4): 1 truncate cleaned up [ 120.888894][ T8134] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 120.901493][ T8134] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 121.044182][ T8157] loop4: detected capacity change from 0 to 2048 [ 121.068907][ T8157] loop4: p1 p2 p3 < > p4 < p5 p6 > [ 121.074075][ T8157] loop4: partition table partially beyond EOD, truncated [ 121.081910][ T8157] loop4: p2 size 458752 extends beyond EOD, truncated [ 121.089265][ T8157] loop4: p3 start 4284289 is beyond EOD, truncated [ 121.096794][ T8157] loop4: p6 size 458752 extends beyond EOD, truncated [ 121.202071][ T8171] loop4: detected capacity change from 0 to 256 [ 121.257602][ T8171] FAT-fs (loop4): bogus number of FAT sectors [ 121.263503][ T8171] FAT-fs (loop4): Can't find a valid FAT filesystem [ 121.387805][ T8177] syz.4.3375[8177] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 121.387887][ T8177] syz.4.3375[8177] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 121.403238][ T8177] input: syz0 as /devices/virtual/input/input27 [ 121.433192][ T8181] syz.9.3377[8181] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 121.433285][ T8181] syz.9.3377[8181] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 121.471753][ T8183] loop4: detected capacity change from 0 to 256 [ 121.508376][ T8183] FAT-fs (loop4): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 121.517875][ T8183] FAT-fs (loop4): bogus number of directory entries (1) [ 121.526354][ T8183] FAT-fs (loop4): Can't find a valid FAT filesystem [ 121.586985][ T60] usb 9-1: new high-speed USB device number 5 using dummy_hcd [ 121.615569][ T8205] overlayfs: failed to resolve './file1': -2 [ 121.653034][ T8211] xt_bpf: check failed: parse error [ 121.751621][ T8228] loop9: detected capacity change from 0 to 256 [ 121.777416][ T8228] exfat: Deprecated parameter 'utf8' [ 121.782650][ T8228] exfat: Deprecated parameter 'utf8' [ 121.791606][ T8228] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 121.827004][ T60] usb 9-1: Using ep0 maxpacket: 32 [ 121.915239][ T8242] Illegal XDP return value 1639269137, expect packet loss! [ 122.132653][ T8272] loop4: detected capacity change from 0 to 512 [ 122.167478][ T8272] SELinux: security_context_str_to_sid(root) failed for (dev ?, type ?) errno=-22 [ 122.177054][ T8272] EXT4-fs (loop4): Unrecognized mount option "smackfsroot=" or missing value [ 122.217433][ T8281] xt_hashlimit: max too large, truncated to 1048576 [ 122.447026][ T60] usb 9-1: unable to get BOS descriptor or descriptor too short [ 122.507043][ T60] usb 9-1: unable to read config index 0 descriptor/start: -71 [ 122.514500][ T60] usb 9-1: can't read configurations, error -71 [ 122.621349][ T30] kauditd_printk_skb: 575 callbacks suppressed [ 122.621364][ T30] audit: type=1400 audit(1739920169.957:10001): avc: denied { read } for pid=8314 comm="syz.3.3436" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=48617 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 122.701717][ T30] audit: type=1326 audit(1739920170.037:10002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8324 comm="syz.3.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89c68b4de9 code=0x7ffc0000 [ 122.725229][ T30] audit: type=1326 audit(1739920170.037:10003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8324 comm="syz.3.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89c68b4de9 code=0x7ffc0000 [ 122.749205][ T30] audit: type=1326 audit(1739920170.037:10004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8324 comm="syz.3.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f89c68b4de9 code=0x7ffc0000 [ 122.773359][ T30] audit: type=1326 audit(1739920170.037:10005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8324 comm="syz.3.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89c68b4de9 code=0x7ffc0000 [ 122.800849][ T30] audit: type=1326 audit(1739920170.037:10006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8324 comm="syz.3.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89c68b4de9 code=0x7ffc0000 [ 122.865597][ T8329] kvm: MWAIT instruction emulated as NOP! [ 122.914776][ T30] audit: type=1326 audit(1739920170.247:10007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8331 comm="syz.7.3443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 122.961509][ T30] audit: type=1326 audit(1739920170.247:10008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8331 comm="syz.7.3443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 122.996980][ T30] audit: type=1326 audit(1739920170.277:10009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8331 comm="syz.7.3443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 123.021267][ T30] audit: type=1326 audit(1739920170.277:10010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8331 comm="syz.7.3443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabbdfe2de9 code=0x7ffc0000 [ 123.101181][ T8343] device wireguard0 entered promiscuous mode [ 123.239697][ T8362] syz.7.3456[8362] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 123.239785][ T8362] syz.7.3456[8362] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 123.290139][ T8372] tipc: Started in network mode [ 123.314087][ T8372] tipc: Node identity ac14140f, cluster identity 4711 [ 123.323231][ T8372] tipc: New replicast peer: 10.1.1.2 [ 123.335359][ T8372] tipc: Enabled bearer , priority 10 [ 123.350865][ T8375] loop9: detected capacity change from 0 to 512 [ 123.493317][ T8375] EXT4-fs (loop9): orphan cleanup on readonly fs [ 123.563609][ T8375] EXT4-fs error (device loop9): ext4_acquire_dquot:6188: comm syz.9.3455: Failed to acquire dquot type 1 [ 123.637445][ T8375] EXT4-fs (loop9): 1 truncate cleaned up [ 123.643172][ T8375] EXT4-fs (loop9): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 123.680492][ T8385] loop7: detected capacity change from 0 to 40427 [ 123.773823][ T8385] F2FS-fs (loop7): Found nat_bits in checkpoint [ 123.837532][ T8385] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 123.864309][ T4892] attempt to access beyond end of device [ 123.864309][ T4892] loop7: rw=2049, want=45104, limit=40427 [ 124.241581][ T8447] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3492'. [ 124.422617][ T8440] loop7: detected capacity change from 0 to 40427 [ 124.457007][ T542] tipc: Node number set to 2886997007 [ 124.472570][ T8440] F2FS-fs (loop7): Small segment_count (9 < 1 * 24) [ 124.480238][ T8440] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 124.516634][ T8440] F2FS-fs (loop7): Found nat_bits in checkpoint [ 124.608490][ T8440] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0 [ 124.626980][ T8440] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 124.670717][ T8491] loop8: detected capacity change from 0 to 512 [ 124.698099][ T4892] attempt to access beyond end of device [ 124.698099][ T4892] loop7: rw=2049, want=45104, limit=40427 [ 124.736419][ T8498] loop4: detected capacity change from 0 to 128 [ 124.743121][ T8491] EXT4-fs error (device loop8): ext4_expand_extra_isize_ea:2766: inode #11: comm syz.8.3511: corrupted xattr block 95 [ 124.768322][ T8491] EXT4-fs error (device loop8): ext4_validate_block_bitmap:429: comm syz.8.3511: bg 0: block 7: invalid block bitmap [ 124.780655][ T8498] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 124.789905][ T8491] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6183: Corrupt filesystem [ 124.817153][ T8491] EXT4-fs error (device loop8): ext4_xattr_delete_inode:2932: inode #11: comm syz.8.3511: corrupted xattr block 95 [ 124.840509][ T8491] EXT4-fs warning (device loop8): ext4_evict_inode:303: xattr delete (err -117) [ 124.867048][ T8491] EXT4-fs (loop8): 1 orphan inode deleted [ 124.886819][ T8491] EXT4-fs (loop8): mounted filesystem without journal. Opts: bsdgroups,bsddf,,errors=continue. Quota mode: none. [ 124.973600][ T8511] loop8: detected capacity change from 0 to 2048 [ 125.045173][ T8520] netlink: 60 bytes leftover after parsing attributes in process `syz.7.3524'. [ 125.065041][ T8511] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 125.085672][ T8511] ext4 filesystem being mounted at /231/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 125.195822][ T8537] syz.9.3531[8537] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 125.195905][ T8537] syz.9.3531[8537] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 125.222421][ T8541] loop8: detected capacity change from 0 to 128 [ 125.252184][ T8543] loop9: detected capacity change from 0 to 2048 [ 125.261732][ T8541] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 125.272333][ T8541] ext4 filesystem being mounted at /232/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 125.328883][ T8543] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 125.428264][ T8558] syz.3.3538[8558] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 125.428350][ T8558] syz.3.3538[8558] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 125.462084][ T8564] loop9: detected capacity change from 0 to 512 [ 125.505400][ T8548] loop4: detected capacity change from 0 to 40427 [ 125.524664][ T8564] EXT4-fs (loop9): revision level too high, forcing read-only mode [ 125.538255][ T8548] F2FS-fs (loop4): invalid crc value [ 125.540571][ T8564] EXT4-fs (loop9): orphan cleanup on readonly fs [ 125.554878][ T8548] F2FS-fs (loop4): Found nat_bits in checkpoint [ 125.560507][ T8564] EXT4-fs error (device loop9): ext4_acquire_dquot:6188: comm syz.9.3541: Failed to acquire dquot type 1 [ 125.575421][ T8564] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.3541: bg 0: block 40: padding at end of block bitmap is not set [ 125.602764][ T8548] F2FS-fs (loop4): Start checkpoint disabled! [ 125.607044][ T8564] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6183: Corrupt filesystem [ 125.618215][ T8564] EXT4-fs (loop9): 1 truncate cleaned up [ 125.623755][ T8564] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 125.650701][ T8548] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 125.707957][ T45] attempt to access beyond end of device [ 125.707957][ T45] loop4: rw=2049, want=40976, limit=40427 [ 125.727568][ T8587] loop9: detected capacity change from 0 to 128 [ 125.810670][ T8595] device erspan0 entered promiscuous mode [ 125.828406][ T2009] usb 9-1: new high-speed USB device number 7 using dummy_hcd [ 125.893110][ T8607] loop7: detected capacity change from 0 to 512 [ 125.931140][ T8607] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 125.944439][ T8607] EXT4-fs (loop7): 1 truncate cleaned up [ 125.950018][ T8607] EXT4-fs (loop7): mounted filesystem without journal. Opts: init_itable,resuid=0x0000000000000000,stripe=0x0000000000000000,,errors=continue. Quota mode: none. [ 126.024096][ T8621] loop3: detected capacity change from 0 to 1024 [ 126.075444][ T8621] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:476: comm syz.3.3567: Invalid block bitmap block 0 in block_group 0 [ 126.091166][ T8634] xt_bpf: check failed: parse error [ 126.115028][ T8621] EXT4-fs error (device loop3): ext4_acquire_dquot:6188: comm syz.3.3567: Failed to acquire dquot type 0 [ 126.134863][ T8621] EXT4-fs error (device loop3): ext4_free_blocks:6223: comm syz.3.3567: Freeing blocks not in datazone - block = 0, count = 4096 [ 126.158486][ T8621] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.3567: Invalid inode bitmap blk 0 in block_group 0 [ 126.173349][ T8640] blk_update_request: I/O error, dev loop15, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 126.184333][ T311] EXT4-fs error (device loop3): ext4_release_dquot:6211: comm kworker/u4:3: Failed to release dquot type 0 [ 126.185956][ T8621] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem [ 126.208733][ T8640] FAT-fs (loop15): unable to read boot sector [ 126.221383][ T8621] EXT4-fs (loop3): 1 orphan inode deleted [ 126.227140][ T2009] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 126.242906][ T2009] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 126.252018][ T8621] EXT4-fs (loop3): mounted filesystem without journal. Opts: ; sysvgroups,stripe=0x0000000000000002,auto_da_alloc,noinit_itable,nogrpid,norecovery,journal_ioprio=0x0000000000000005,noinit_itable,,errors=continue. Quota mode: writeback. [ 126.275432][ T2009] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 126.285379][ T8621] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: writeback. [ 126.302760][ T2009] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 126.311708][ T2009] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.321237][ T2009] usb 9-1: config 0 descriptor?? [ 126.353319][ T8651] xt_hashlimit: max too large, truncated to 1048576 [ 126.390067][ T8659] netlink: 'syz.9.3584': attribute type 4 has an invalid length. [ 126.807687][ T2009] plantronics 0003:047F:FFFF.0009: No inputs registered, leaving [ 126.817142][ T2009] plantronics 0003:047F:FFFF.0009: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 127.079430][ T39] usb 9-1: USB disconnect, device number 7 [ 127.333897][ T8679] loop3: detected capacity change from 0 to 4096 [ 127.364166][ T8679] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 127.545100][ T8693] sit: Src spoofed 1.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc [ 127.635231][ T8707] 9pnet: p9_errstr2errno: server reported unknown error @΂(Q0x0000000000000004 [ 127.689372][ T30] kauditd_printk_skb: 162 callbacks suppressed [ 127.689390][ T30] audit: type=1400 audit(1739920688.008:10166): avc: denied { create } for pid=8712 comm="syz.8.3606" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 127.717312][ T30] audit: type=1400 audit(1739920688.017:10167): avc: denied { mount } for pid=8716 comm="syz.4.3609" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 127.740325][ T30] audit: type=1400 audit(1739920688.027:10168): avc: denied { unmount } for pid=7615 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 127.764451][ T30] audit: type=1400 audit(1739920688.037:10169): avc: denied { write } for pid=8712 comm="syz.8.3606" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 127.802737][ T30] audit: type=1400 audit(1739920688.117:10170): avc: denied { audit_write } for pid=8718 comm="syz.3.3608" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 127.825562][ T30] audit: type=1107 audit(1739920688.137:10171): pid=8718 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 127.869872][ T8732] loop3: detected capacity change from 0 to 512 [ 127.883585][ T30] audit: type=1400 audit(1739920688.196:10172): avc: denied { unmount } for pid=5923 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 127.941303][ T8732] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 127.954056][ T8732] ext4 filesystem being mounted at /803/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 127.973361][ T30] audit: type=1400 audit(1739920688.285:10173): avc: denied { create } for pid=8744 comm="syz.4.3620" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 128.025622][ T30] audit: type=1400 audit(1739920688.335:10174): avc: denied { lock } for pid=8751 comm="syz.3.3621" path="socket:[51510]" dev="sockfs" ino=51510 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 128.064608][ T30] audit: type=1400 audit(1739920688.375:10175): avc: denied { connect } for pid=8756 comm="syz.8.3625" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 128.158812][ T8772] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 128.191342][ T8775] xt_bpf: check failed: parse error [ 128.206654][ T8780] input: syz0 as /devices/virtual/input/input30 [ 128.213707][ T8780] input: failed to attach handler leds to device input30, error: -6 [ 128.337431][ T8805] bpf_get_probe_write_proto: 2 callbacks suppressed [ 128.337452][ T8805] syz.8.3645[8805] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 128.359470][ T8805] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 128.382321][ T8805] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 128.390571][ T8805] CPU: 1 PID: 8805 Comm: syz.8.3645 Tainted: G W 5.15.178-syzkaller-00193-g058abb720bd1 #0 [ 128.402217][ T8805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 128.412132][ T8805] RIP: 0010:bpf_check+0x9530/0x12c60 [ 128.417231][ T8805] Code: 24 70 80 3c 08 00 74 08 4c 89 ef e8 1a ce 30 00 49 8b 75 00 89 df 41 ff d6 48 89 c3 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 df e8 f2 cd 30 00 48 8b 1b 48 85 db 0f 84 [ 128.436689][ T8805] RSP: 0018:ffffc90000ae74e0 EFLAGS: 00010246 [ 128.442579][ T8805] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000 [ 128.450505][ T8805] RDX: ffffc900047d8000 RSI: 000000000000341b RDI: 000000000000341c [ 128.458318][ T8805] RBP: ffffc90000ae7bb0 R08: ffffffff817c3e3d R09: 0000000000000003 [ 128.466132][ T8805] R10: fffff5200015cd68 R11: dffffc0000000001 R12: 1ffff9200001fc13 [ 128.474228][ T8805] R13: ffff88810dad4008 R14: ffffffff817bf8a0 R15: ffffc900000fe09c [ 128.482130][ T8805] FS: 00007f965fab46c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 128.490998][ T8805] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.497423][ T8805] CR2: 00007ffd312033e8 CR3: 0000000119249000 CR4: 00000000003506a0 [ 128.505236][ T8805] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 128.513053][ T8805] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 128.520866][ T8805] Call Trace: [ 128.524063][ T8805] [ 128.526845][ T8805] ? __die_body+0x62/0xb0 [ 128.531012][ T8805] ? die_addr+0x9f/0xd0 [ 128.535002][ T8805] ? exc_general_protection+0x311/0x4b0 [ 128.540408][ T8805] ? asm_exc_general_protection+0x27/0x30 [ 128.545950][ T8805] ? tracing_prog_func_proto+0x300/0x300 [ 128.551403][ T8805] ? bpf_tracing_func_proto+0x15d/0x4a0 [ 128.556820][ T8805] ? bpf_check+0x9530/0x12c60 [ 128.561437][ T8805] ? bpf_get_btf_vmlinux+0x60/0x60 [ 128.566474][ T8805] ? arch_stack_walk+0xf3/0x140 [ 128.571167][ T8805] ? stack_trace_save+0x113/0x1c0 [ 128.576148][ T8805] ? stack_trace_snprint+0xf0/0xf0 [ 128.581246][ T8805] ? ____kasan_kmalloc+0xed/0x110 [ 128.586186][ T8805] ? ____kasan_kmalloc+0xdb/0x110 [ 128.591197][ T8805] ? __kasan_kmalloc+0x9/0x10 [ 128.595719][ T8805] ? kmem_cache_alloc_trace+0x11a/0x270 [ 128.601894][ T8805] ? selinux_bpf_prog_alloc+0x51/0x140 [ 128.607313][ T8805] ? security_bpf_prog_alloc+0x62/0x90 [ 128.612594][ T8805] ? bpf_prog_load+0x9ee/0x1b50 [ 128.617282][ T8805] ? __sys_bpf+0x4bc/0x760 [ 128.621876][ T8805] ? __x64_sys_bpf+0x7c/0x90 [ 128.626303][ T8805] ? x64_sys_call+0x87f/0x9a0 [ 128.630812][ T8805] ? do_syscall_64+0x3b/0xb0 [ 128.635239][ T8805] ? entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 128.641183][ T8805] ? __kasan_kmalloc+0x9/0x10 [ 128.645664][ T8805] ? memset+0x35/0x40 [ 128.649596][ T8805] ? bpf_obj_name_cpy+0x196/0x1e0 [ 128.654877][ T8805] bpf_prog_load+0x12ac/0x1b50 [ 128.659463][ T8805] ? map_freeze+0x370/0x370 [ 128.663809][ T8805] ? selinux_bpf+0xcb/0x100 [ 128.668131][ T8805] ? security_bpf+0x82/0xb0 [ 128.672476][ T8805] __sys_bpf+0x4bc/0x760 [ 128.676567][ T8805] ? bpf_link_show_fdinfo+0x300/0x300 [ 128.681798][ T8805] __x64_sys_bpf+0x7c/0x90 [ 128.686016][ T8805] x64_sys_call+0x87f/0x9a0 [ 128.690358][ T8805] do_syscall_64+0x3b/0xb0 [ 128.694694][ T8805] ? clear_bhb_loop+0x35/0x90 [ 128.699248][ T8805] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 128.704935][ T8805] RIP: 0033:0x7f9661449de9 [ 128.709201][ T8805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 128.729155][ T8805] RSP: 002b:00007f965fab4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 128.737495][ T8805] RAX: ffffffffffffffda RBX: 00007f9661662fa0 RCX: 00007f9661449de9 [ 128.745296][ T8805] RDX: 0000000000000090 RSI: 00004000000000c0 RDI: 0000000000000005 [ 128.753103][ T8805] RBP: 00007f96614cb2a0 R08: 0000000000000000 R09: 0000000000000000 [ 128.760919][ T8805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.768763][ T8805] R13: 0000000000000001 R14: 00007f9661662fa0 R15: 00007fff68e17f18 [ 128.776553][ T8805] [ 128.779400][ T8805] Modules linked in: [ 128.807787][ T8805] ---[ end trace 665f64bfcf2f7af5 ]--- [ 128.814146][ T8805] RIP: 0010:bpf_check+0x9530/0x12c60 [ 128.814184][ T8805] Code: 24 70 80 3c 08 00 74 08 4c 89 ef e8 1a ce 30 00 49 8b 75 00 89 df 41 ff d6 48 89 c3 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 df e8 f2 cd 30 00 48 8b 1b 48 85 db 0f 84 [ 128.814204][ T8805] RSP: 0018:ffffc90000ae74e0 EFLAGS: 00010246 [ 128.814225][ T8805] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000 [ 128.814240][ T8805] RDX: ffffc900047d8000 RSI: 000000000000341b RDI: 000000000000341c [ 128.814254][ T8805] RBP: ffffc90000ae7bb0 R08: ffffffff817c3e3d R09: 0000000000000003 [ 128.814270][ T8805] R10: fffff5200015cd68 R11: dffffc0000000001 R12: 1ffff9200001fc13 [ 128.814287][ T8805] R13: ffff88810dad4008 R14: ffffffff817bf8a0 R15: ffffc900000fe09c [ 128.814304][ T8805] FS: 00007f965fab46c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 128.814323][ T8805] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.814338][ T8805] CR2: 00007f8b69e86178 CR3: 0000000119249000 CR4: 00000000003506a0 [ 128.814358][ T8805] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 128.814371][ T8805] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 128.814402][ T8805] Kernel panic - not syncing: Fatal exception [ 128.814637][ T8805] Kernel Offset: disabled [ 128.933427][ T8805] Rebooting in 86400 seconds..